Analysis

Category Package Started Completed Duration Options Log(s) MalScore
FILE eml 2025-12-08 15:06:01 2025-12-08 15:09:15 194 seconds Show Options Show Analysis Log 9.2 
vnc_port=5900
2025-12-06 18:31:41,707 [root] INFO: Date set to: 20251208T07:06:01, timeout set to: 180
2025-12-06 18:31:41,707 [root] DEBUG: Starting analyzer from: C:\tmpw7hn3wdo
2025-12-06 18:31:41,707 [root] DEBUG: Storing results at: C:\UMqzgRcss
2025-12-06 18:31:41,707 [root] DEBUG: Pipe server name: \\.\PIPE\pdpVBYn
2025-12-06 18:31:41,707 [root] DEBUG: Python path: C:\Python38
2025-12-06 18:31:41,707 [root] INFO: analysis running as a normal user
2025-12-06 18:31:41,707 [root] INFO: analysis package specified: "eml"
2025-12-06 18:31:41,707 [root] DEBUG: importing analysis package module: "modules.packages.eml"...
2025-12-06 18:31:41,707 [root] DEBUG: imported analysis package "eml"
2025-12-06 18:31:41,707 [root] DEBUG: initializing analysis package "eml"...
2025-12-06 18:31:41,707 [lib.common.common] INFO: wrapping
2025-12-06 18:31:41,707 [lib.core.compound] INFO: C:\Users\user\AppData\Local\Temp already exists, skipping creation
2025-12-06 18:31:41,707 [root] DEBUG: New location of moved file: C:\Users\user\AppData\Local\Temp\49768fe73895b939.unknown
2025-12-06 18:31:41,722 [root] INFO: Analyzer: Package modules.packages.eml does not specify a DLL option
2025-12-06 18:31:41,722 [root] INFO: Analyzer: Package modules.packages.eml does not specify a DLL_64 option
2025-12-06 18:31:41,722 [root] INFO: Analyzer: Package modules.packages.eml does not specify a loader option
2025-12-06 18:31:41,722 [root] INFO: Analyzer: Package modules.packages.eml does not specify a loader_64 option
2025-12-06 18:31:41,738 [root] DEBUG: Imported auxiliary module "modules.auxiliary.browser"
2025-12-06 18:31:41,738 [root] DEBUG: Imported auxiliary module "modules.auxiliary.curtain"
2025-12-06 18:31:41,738 [root] DEBUG: Imported auxiliary module "modules.auxiliary.disguise"
2025-12-06 18:31:41,738 [root] DEBUG: Imported auxiliary module "modules.auxiliary.during_script"
2025-12-06 18:31:41,738 [root] DEBUG: Imported auxiliary module "modules.auxiliary.end_noisy_tasks"
2025-12-06 18:31:41,754 [root] DEBUG: Imported auxiliary module "modules.auxiliary.evtx"
2025-12-06 18:31:41,754 [root] DEBUG: Imported auxiliary module "modules.auxiliary.human"
2025-12-06 18:31:41,754 [root] DEBUG: Imported auxiliary module "modules.auxiliary.pre_script"
2025-12-06 18:31:41,754 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageChops'
2025-12-06 18:31:41,769 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageGrab'
2025-12-06 18:31:41,769 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageDraw'
2025-12-06 18:31:41,785 [root] DEBUG: Imported auxiliary module "modules.auxiliary.screenshots"
2025-12-06 18:31:41,785 [root] DEBUG: Imported auxiliary module "modules.auxiliary.sysmon"
2025-12-06 18:31:41,785 [root] DEBUG: Imported auxiliary module "modules.auxiliary.tlsdump"
2025-12-06 18:31:41,785 [root] DEBUG: Imported auxiliary module "modules.auxiliary.usage"
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Browser"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Browser' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Browser does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.browser"...
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.browser
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Curtain"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Curtain' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Curtain does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.curtain"...
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.curtain
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Disguise"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Disguise' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Disguise does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.disguise"...
2025-12-06 18:31:41,785 [root] WARNING: Cannot execute auxiliary module modules.auxiliary.disguise: [WinError 5] Access is denied
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "End_noisy_tasks"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'End_noisy_tasks' from data
2025-12-06 18:31:41,785 [root] DEBUG: module End_noisy_tasks does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.end_noisy_tasks"...
2025-12-06 18:31:41,785 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM wuauclt.exe
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.end_noisy_tasks
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Evtx"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Evtx' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Evtx does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.evtx"...
2025-12-06 18:31:41,785 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security State Change" /success:enable /failure:enable
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.evtx
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Human"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Human' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Human does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.human"...
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.human
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Pre_script"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Pre_script' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Pre_script does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.pre_script"...
2025-12-06 18:31:41,785 [root] DEBUG: Started auxiliary module modules.auxiliary.pre_script
2025-12-06 18:31:41,785 [root] DEBUG: Initialized auxiliary module "Screenshots"
2025-12-06 18:31:41,785 [root] DEBUG: attempting to configure 'Screenshots' from data
2025-12-06 18:31:41,785 [root] DEBUG: module Screenshots does not support data configuration, ignoring
2025-12-06 18:31:41,785 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.screenshots"...
2025-12-06 18:31:41,801 [root] DEBUG: Started auxiliary module modules.auxiliary.screenshots
2025-12-06 18:31:41,801 [root] DEBUG: Initialized auxiliary module "Sysmon"
2025-12-06 18:31:41,801 [root] DEBUG: attempting to configure 'Sysmon' from data
2025-12-06 18:31:41,801 [root] DEBUG: module Sysmon does not support data configuration, ignoring
2025-12-06 18:31:41,801 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.sysmon"...
2025-12-06 18:31:41,879 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security System Extension" /success:enable /failure:enable
2025-12-06 18:31:41,910 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM wusa.exe
2025-12-06 18:31:41,926 [root] WARNING: Cannot execute auxiliary module modules.auxiliary.sysmon: In order to use the Sysmon functionality, it is required to have the SMaster(64|32).exe file and sysmonconfig-export.xml file in the bin path. Note that the SMaster(64|32).exe files are just the standard Sysmon binaries renamed to avoid anti-analysis detection techniques.
2025-12-06 18:31:41,926 [root] DEBUG: Initialized auxiliary module "TLSDumpMasterSecrets"
2025-12-06 18:31:41,926 [root] DEBUG: attempting to configure 'TLSDumpMasterSecrets' from data
2025-12-06 18:31:41,926 [root] DEBUG: module TLSDumpMasterSecrets does not support data configuration, ignoring
2025-12-06 18:31:41,926 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.tlsdump"...
2025-12-06 18:31:41,926 [modules.auxiliary.tlsdump] INFO: lsass.exe found, pid 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] DEBUG: Failed getting image name for pid 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] DEBUG: Failed getting image name for pid 668
2025-12-06 18:31:41,926 [lib.api.process] DEBUG: Failed getting exit code for <Process 668 ???>
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] DEBUG: Failed getting image name for pid 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: failed to open process 668
2025-12-06 18:31:41,926 [lib.api.process] DEBUG: Failed getting image name for pid 668
2025-12-06 18:31:41,926 [lib.api.process] WARNING: the <Process 668 ???> is not alive, injection aborted
2025-12-06 18:31:41,926 [root] DEBUG: Started auxiliary module modules.auxiliary.tlsdump
2025-12-06 18:31:41,926 [root] DEBUG: Initialized auxiliary module "Usage"
2025-12-06 18:31:41,926 [root] DEBUG: attempting to configure 'Usage' from data
2025-12-06 18:31:41,926 [root] DEBUG: module Usage does not support data configuration, ignoring
2025-12-06 18:31:41,926 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.usage"...
2025-12-06 18:31:41,926 [root] DEBUG: Started auxiliary module modules.auxiliary.usage
2025-12-06 18:31:41,926 [root] DEBUG: Initialized auxiliary module "During_script"
2025-12-06 18:31:41,926 [root] DEBUG: attempting to configure 'During_script' from data
2025-12-06 18:31:41,926 [root] DEBUG: module During_script does not support data configuration, ignoring
2025-12-06 18:31:41,926 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.during_script"...
2025-12-06 18:31:41,926 [root] DEBUG: Started auxiliary module modules.auxiliary.during_script
2025-12-06 18:31:41,926 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable
2025-12-06 18:31:41,973 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM WindowsUpdate.exe
2025-12-06 18:31:41,973 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable
2025-12-06 18:31:42,019 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other System Events" /success:disable /failure:enable
2025-12-06 18:31:42,051 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM GoogleUpdate.exe
2025-12-06 18:31:42,066 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Logon" /success:enable /failure:enable
2025-12-06 18:31:42,097 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Logoff" /success:enable /failure:enable
2025-12-06 18:31:42,113 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM MicrosoftEdgeUpdate.exe
2025-12-06 18:31:42,128 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Account Lockout" /success:enable /failure:enable
2025-12-06 18:31:42,160 [root] INFO: Restarting WMI Service
2025-12-06 18:31:42,175 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Main Mode" /success:disable /failure:disable
2025-12-06 18:31:42,207 [root] DEBUG: package modules.packages.eml does not support configure, ignoring
2025-12-06 18:31:42,207 [root] WARNING: configuration error for package modules.packages.eml: error importing data.packages.eml: No module named 'data.packages'
2025-12-06 18:31:42,207 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Quick Mode" /success:disable /failure:disable
2025-12-06 18:31:42,207 [lib.core.compound] INFO: C:\Users\user\AppData\Local\Temp already exists, skipping creation
2025-12-06 18:31:42,238 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 1: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v DisableWindowsUpdateAccess /t REG_DWORD /d 1 /f
2025-12-06 18:31:42,238 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Extended Mode" /success:disable /failure:disable
2025-12-06 18:31:42,285 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Logon/Logoff Events" /success:enable /failure:enable
2025-12-06 18:31:42,285 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 1: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f
2025-12-06 18:31:42,316 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable
2025-12-06 18:31:42,332 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 1: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnableICMPRedirect /t REG_DWORD /d 0 /f
2025-12-06 18:31:42,347 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Special Logon" /success:enable /failure:enable
2025-12-06 18:31:42,379 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"File System" /success:enable /failure:enable
2025-12-06 18:31:42,394 [lib.api.process] INFO: Successfully executed process from path "C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE" with arguments "/eml "C:\Users\user\AppData\Local\Temp\49768fe73895b939.unknown"" with pid 2160
2025-12-06 18:31:42,394 [lib.api.process] INFO: Monitor config for <Process 2160 OUTLOOK.EXE>: C:\tmpw7hn3wdo\dll\2160.ini
2025-12-06 18:31:42,394 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmpw7hn3wdo\dll\bzpqGRz.dll, loader C:\tmpw7hn3wdo\bin\NfRTtMG.exe
2025-12-06 18:31:42,394 [root] DEBUG: Loader: Injecting process 2160 (thread 2268) with C:\tmpw7hn3wdo\dll\bzpqGRz.dll.
2025-12-06 18:31:42,394 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-06 18:31:42,394 [root] DEBUG: Successfully injected DLL C:\tmpw7hn3wdo\dll\bzpqGRz.dll.
2025-12-06 18:31:42,410 [lib.api.process] INFO: Injected into 32-bit <Process 2160 OUTLOOK.EXE>
2025-12-06 18:31:42,410 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Registry" /success:enable /failure:enable
2025-12-06 18:31:42,441 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kernel Object" /success:enable /failure:enable
2025-12-06 18:31:42,473 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"SAM" /success:disable /failure:disable
2025-12-06 18:31:42,488 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Certification Services" /success:enable /failure:enable
2025-12-06 18:31:42,520 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Handle Manipulation" /success:disable /failure:disable
2025-12-06 18:31:42,551 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Application Generated" /success:enable /failure:enable
2025-12-06 18:31:42,582 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"File Share" /success:enable /failure:enable
2025-12-06 18:31:42,613 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure:disable
2025-12-06 18:31:42,629 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:disable
2025-12-06 18:31:42,660 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Object Access Events" /success:disable /failure:disable
2025-12-06 18:31:42,691 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Sensitive Privilege Use" /success:disable /failure:disable
2025-12-06 18:31:42,723 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Non Sensitive Privilege Use" /success:disable /failure:disable
2025-12-06 18:31:42,738 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Privilege Use Events" /success:disable /failure:disable
2025-12-06 18:31:42,770 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"RPC Events" /success:enable /failure:enable
2025-12-06 18:31:42,800 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Audit Policy Change" /success:enable /failure:enable
2025-12-06 18:31:42,832 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Authentication Policy Change" /success:enable /failure:enable
2025-12-06 18:31:42,863 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:disable /failure:disable
2025-12-06 18:31:42,894 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Policy Change" /success:disable /failure:disable
2025-12-06 18:31:42,910 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Policy Change Events" /success:disable /failure:enable
2025-12-06 18:31:42,941 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"User Account Management" /success:enable /failure:enable
2025-12-06 18:31:42,972 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Computer Account Management" /success:enable /failure:enable
2025-12-06 18:31:43,004 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security Group Management" /success:enable /failure:enable
2025-12-06 18:31:43,035 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Distribution Group Management" /success:enable /failure:enable
2025-12-06 18:31:43,050 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Application Group Management" /success:enable /failure:enable
2025-12-06 18:31:43,082 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Account Management Events" /success:enable /failure:enable
2025-12-06 18:31:43,113 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Access" /success:enable /failure:enable
2025-12-06 18:31:43,144 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Changes" /success:enable /failure:enable
2025-12-06 18:31:43,176 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Replication" /success:disable /failure:enable
2025-12-06 18:31:43,191 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Detailed Directory Service Replication" /success:disable /failure:disable
2025-12-06 18:31:43,222 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable
2025-12-06 18:31:43,254 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kerberos Service Ticket Operations" /success:enable /failure:enable
2025-12-06 18:31:43,285 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Account Logon Events" /success:enable /failure:enable
2025-12-06 18:31:43,301 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kerberos Authentication Service" /success:enable /failure:enable
2025-12-06 18:31:43,332 [modules.auxiliary.evtx] DEBUG: Wiping Application
2025-12-06 18:31:43,363 [modules.auxiliary.evtx] DEBUG: Wiping HardwareEvents
2025-12-06 18:31:43,394 [modules.auxiliary.evtx] DEBUG: Wiping Internet Explorer
2025-12-06 18:31:43,410 [modules.auxiliary.evtx] DEBUG: Wiping Key Management Service
2025-12-06 18:31:43,441 [modules.auxiliary.evtx] DEBUG: Wiping OAlerts
2025-12-06 18:31:43,473 [modules.auxiliary.evtx] DEBUG: Wiping Security
2025-12-06 18:31:43,504 [modules.auxiliary.evtx] DEBUG: Wiping Setup
2025-12-06 18:31:43,519 [modules.auxiliary.evtx] DEBUG: Wiping System
2025-12-06 18:31:43,551 [modules.auxiliary.evtx] DEBUG: Wiping Windows PowerShell
2025-12-06 18:31:43,582 [modules.auxiliary.evtx] DEBUG: Wiping Microsoft-Windows-Sysmon/Operational
2025-12-06 18:31:44,426 [lib.api.process] INFO: Successfully resumed <Process 2160 OUTLOOK.EXE>
2025-12-06 18:31:44,457 [root] DEBUG: 2160: Python path set to 'C:\Python38'.
2025-12-06 18:31:44,457 [root] INFO: Disabling sleep skipping.
2025-12-06 18:31:44,457 [root] DEBUG: 2160: Dropped file limit defaulting to 100.
2025-12-06 18:31:44,504 [root] DEBUG: 2160: Microsoft Office settings enabled.
2025-12-06 18:31:44,504 [root] DEBUG: Error 5 (0x5) - AmsiDumper: Is CAPE agent running elevated? Initialisation failed: Access is denied.
2025-12-06 18:31:44,504 [root] DEBUG: 2160: Monitor initialised: 32-bit capemon loaded in process 2160 at 0x73450000, thread 2268, image base 0x800000, stack from 0x2cf5000-0x2d00000
2025-12-06 18:31:44,504 [root] DEBUG: 2160: Commandline: "C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE" /eml "C:\Users\user\AppData\Local\Temp\49768fe73895b939.unknown"
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CoCreateInstance export address 0x76C0569D differs from GetProcAddress -> 0x756395D0 (combase.dll::0xd95d0)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CoCreateInstanceEx export address 0x76C056DC differs from GetProcAddress -> 0x7561C540 (combase.dll::0xbc540)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CoGetClassObject export address 0x76C05C6C differs from GetProcAddress -> 0x756051A0 (combase.dll::0xa51a0)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CreateRemoteThreadEx export address 0x7598866C differs from GetProcAddress -> 0x75BD7630 (KERNELBASE.dll::0x137630)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CLSIDFromProgID export address 0x76C04ED6 differs from GetProcAddress -> 0x755D16A0 (combase.dll::0x716a0)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: hook_api: Warning - CLSIDFromProgIDEx export address 0x76C04F13 differs from GetProcAddress -> 0x755D0500 (combase.dll::0x70500)
2025-12-06 18:31:44,519 [root] DEBUG: 2160: Hooked 434 out of 434 functions
2025-12-06 18:31:44,519 [root] DEBUG: 2160: Syscall hook installed, syscall logging level 1
2025-12-06 18:31:44,519 [root] DEBUG: 2160: WoW64fix: Windows version 10.0 not supported.
2025-12-06 18:31:44,519 [root] INFO: Loaded monitor into process with pid 2160
2025-12-06 18:31:44,848 [root] DEBUG: 2160: DLL loaded at 0x769F0000: C:\Windows\System32\oleaut32 (0x96000 bytes).
2025-12-06 18:31:44,863 [root] DEBUG: 2160: DLL loaded at 0x72A10000: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984\Comctl32 (0x210000 bytes).
2025-12-06 18:31:44,863 [root] DEBUG: 2160: DLL loaded at 0x74CF0000: C:\Windows\SYSTEM32\version (0x8000 bytes).
2025-12-06 18:31:44,895 [root] DEBUG: 2160: DLL loaded at 0x73810000: C:\Windows\SYSTEM32\CRYPTUI (0x3f000 bytes).
2025-12-06 18:31:44,895 [root] DEBUG: 2160: DLL loaded at 0x74E90000: C:\Windows\SYSTEM32\IPHLPAPI (0x33000 bytes).
2025-12-06 18:31:44,895 [root] DEBUG: 2160: DLL loaded at 0x72380000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso20win32client (0x68a000 bytes).
2025-12-06 18:31:44,910 [root] DEBUG: 2160: DLL loaded at 0x74B00000: C:\Windows\system32\uxtheme (0x74000 bytes).
2025-12-06 18:31:44,910 [root] DEBUG: 2160: DLL loaded at 0x74ED0000: C:\Windows\System32\bcryptPrimitives (0x5f000 bytes).
2025-12-06 18:31:44,910 [root] DEBUG: 2160: DLL loaded at 0x74CF0000: C:\Windows\SYSTEM32\version (0x8000 bytes).
2025-12-06 18:31:44,972 [root] DEBUG: 2160: DLL loaded at 0x737C0000: C:\Windows\SYSTEM32\wevtapi (0x49000 bytes).
2025-12-06 18:31:44,972 [root] DEBUG: 2160: DLL loaded at 0x718A0000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso30win32client (0xadc000 bytes).
2025-12-06 18:31:45,019 [root] DEBUG: 2160: DLL loaded at 0x70B80000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso40uiwin32client (0xd1e000 bytes).
2025-12-06 18:31:45,019 [root] DEBUG: 2160: DLL loaded at 0x73370000: C:\Windows\SYSTEM32\wintypes (0xdb000 bytes).
2025-12-06 18:31:45,035 [root] DEBUG: 2160: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-06 18:31:45,035 [root] DEBUG: 2160: DLL loaded at 0x74CE0000: C:\Windows\SYSTEM32\kernel.appcore (0xf000 bytes).
2025-12-06 18:31:45,035 [root] DEBUG: 2160: DLL loaded at 0x76640000: C:\Windows\System32\clbcatq (0x7e000 bytes).
2025-12-06 18:31:45,050 [root] DEBUG: 2160: DLL loaded at 0x708E0000: C:\Windows\SYSTEM32\msi (0x298000 bytes).
2025-12-06 18:31:45,050 [root] DEBUG: 2160: DLL loaded at 0x73D00000: C:\Windows\SYSTEM32\srpapi (0x25000 bytes).
2025-12-06 18:31:45,066 [root] DEBUG: 2160: DLL loaded at 0x079D0000: C:\Windows\System32\SFC (0x3000 bytes).
2025-12-06 18:31:45,066 [root] DEBUG: 2160: DLL loaded at 0x74330000: C:\Windows\SYSTEM32\sfc_os (0x10000 bytes).
2025-12-06 18:31:45,097 [root] DEBUG: 2160: DLL loaded at 0x74320000: C:\Windows\SYSTEM32\WTSAPI32 (0xf000 bytes).
2025-12-06 18:31:45,097 [root] DEBUG: 2160: DLL loaded at 0x703B0000: C:\Program Files (x86)\Microsoft Office\root\Office16\OLMAPI32 (0x7c1000 bytes).
2025-12-06 18:31:45,113 [root] DEBUG: 2160: DLL loaded at 0x702C0000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso50win32client (0xef000 bytes).
2025-12-06 18:31:45,191 [root] DEBUG: 2160: DLL loaded at 0x73D20000: C:\Windows\SYSTEM32\HTTPAPI (0xb000 bytes).
2025-12-06 18:31:45,207 [root] DEBUG: 2160: DLL loaded at 0x6EDE0000: C:\Windows\SYSTEM32\PROPSYS (0xc2000 bytes).
2025-12-06 18:31:45,207 [root] DEBUG: 2160: DLL loaded at 0x07E20000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client (0x1407000 bytes).
2025-12-06 18:31:45,316 [root] DEBUG: 2160: DLL loaded at 0x6D110000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso (0x1cc1000 bytes).
2025-12-06 18:31:45,332 [root] DEBUG: 2160: DLL loaded at 0x76C40000: C:\Windows\System32\MSCTF (0xd4000 bytes).
2025-12-06 18:31:45,347 [root] DEBUG: 2160: DLL loaded at 0x6CE70000: C:\Windows\SYSTEM32\msi (0x298000 bytes).
2025-12-06 18:31:45,347 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Temp\{C0284404-4C96-4C20-9901-21DB24609CF1} - OProcSessId.dat
2025-12-06 18:31:45,379 [root] DEBUG: 2160: DLL loaded at 0x6C950000: C:\Windows\SYSTEM32\d2d1 (0x515000 bytes).
2025-12-06 18:31:45,379 [root] DEBUG: 2160: DLL loaded at 0x73770000: C:\Windows\SYSTEM32\WINSTA (0x4e000 bytes).
2025-12-06 18:31:45,394 [root] DEBUG: 2160: DLL loaded at 0x6C880000: C:\Windows\SYSTEM32\dxgi (0xc2000 bytes).
2025-12-06 18:31:45,394 [root] DEBUG: 2160: DLL loaded at 0x73D10000: C:\Windows\SYSTEM32\resourcepolicyclient (0xf000 bytes).
2025-12-06 18:31:45,441 [root] DEBUG: 2160: DLL loaded at 0x101C0000: C:\Program Files (x86)\Microsoft Office\root\Office16\1033\OUTLLIBR (0x18f000 bytes).
2025-12-06 18:31:45,472 [root] DEBUG: 2160: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-06 18:31:45,472 [root] DEBUG: 2160: DLL loaded at 0x10350000: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLLIBR.COMMON (0x96e000 bytes).
2025-12-06 18:31:45,488 [root] DEBUG: 2160: DLL loaded at 0x73D10000: C:\Windows\SYSTEM32\Secur32 (0xa000 bytes).
2025-12-06 18:31:45,504 [root] DEBUG: 2160: DLL loaded at 0x76940000: C:\Windows\System32\shcore (0x87000 bytes).
2025-12-06 18:31:45,504 [root] DEBUG: 2160: DLL loaded at 0x6C780000: C:\Windows\System32\Windows.Security.Authentication.Web.Core (0xf9000 bytes).
2025-12-06 18:31:45,519 [root] DEBUG: 2160: DLL loaded at 0x6C570000: C:\Windows\SYSTEM32\DWrite (0x20c000 bytes).
2025-12-06 18:31:45,519 [root] DEBUG: 2160: DLL loaded at 0x73730000: C:\Windows\System32\netprofm (0x32000 bytes).
2025-12-06 18:31:45,519 [root] DEBUG: 2160: DLL loaded at 0x732A0000: C:\Windows\SYSTEM32\mscoree (0x52000 bytes).
2025-12-06 18:31:45,535 [root] DEBUG: 2160: DLL loaded at 0x6C4E0000: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei (0x88000 bytes).
2025-12-06 18:31:45,535 [root] DEBUG: 2160: DLL loaded at 0x73D00000: C:\Windows\System32\npmproxy (0xa000 bytes).
2025-12-06 18:31:45,535 [root] DEBUG: 2160: DLL loaded at 0x744A0000: C:\Windows\SYSTEM32\Wldp (0x25000 bytes).
2025-12-06 18:31:45,535 [root] DEBUG: 2160: DLL loaded at 0x744D0000: C:\Windows\SYSTEM32\windows.storage (0x60d000 bytes).
2025-12-06 18:31:45,550 [root] DEBUG: 2160: DLL loaded at 0x6C300000: C:\Windows\SYSTEM32\d3d11 (0x1e0000 bytes).
2025-12-06 18:31:45,550 [root] DEBUG: 2160: DLL loaded at 0x73CD0000: C:\Windows\SYSTEM32\profapi (0x18000 bytes).
2025-12-06 18:31:45,566 [root] DEBUG: 2160: DLL loaded at 0x6C230000: C:\Program Files (x86)\Microsoft Office\root\Office16\MsoAria (0xcd000 bytes).
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] DEBUG: Failed getting image name for pid 792
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] DEBUG: Failed getting image name for pid 792
2025-12-06 18:31:45,582 [lib.api.process] DEBUG: Failed getting exit code for <Process 792 ???>
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] DEBUG: Failed getting image name for pid 792
2025-12-06 18:31:45,582 [lib.api.process] WARNING: failed to open process 792
2025-12-06 18:31:45,582 [lib.api.process] DEBUG: Failed getting image name for pid 792
2025-12-06 18:31:45,582 [lib.api.process] WARNING: the <Process 792 ???> is not alive, injection aborted
2025-12-06 18:31:45,597 [root] DEBUG: 2160: DLL loaded at 0x6BC60000: C:\Windows\SYSTEM32\d3d10warp (0x5c2000 bytes).
2025-12-06 18:31:45,597 [root] DEBUG: 2160: DLL loaded at 0x75D10000: C:\Windows\System32\Normaliz (0x7000 bytes).
2025-12-06 18:31:45,597 [root] DEBUG: 2160: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-06 18:31:45,597 [root] DEBUG: 2160: DLL loaded at 0x73350000: C:\Windows\SYSTEM32\sppcs (0x1c000 bytes).
2025-12-06 18:31:45,613 [root] DEBUG: 2160: DLL loaded at 0x73CC0000: C:\Windows\SYSTEM32\sppc (0x9000 bytes).
2025-12-06 18:31:45,613 [root] DEBUG: 2160: DLL loaded at 0x73C80000: C:\Windows\SYSTEM32\slc (0x1f000 bytes).
2025-12-06 18:31:45,613 [root] DEBUG: 2160: DLL loaded at 0x75420000: C:\Windows\System32\cfgmgr32 (0x3b000 bytes).
2025-12-06 18:31:45,613 [root] DEBUG: 2160: DLL loaded at 0x73270000: C:\Windows\SYSTEM32\dxcore (0x2c000 bytes).
2025-12-06 18:31:45,629 [root] DEBUG: 2160: DLL loaded at 0x6BB90000: C:\Windows\SYSTEM32\WINHTTP (0xca000 bytes).
2025-12-06 18:31:45,629 [root] DEBUG: 2160: DLL loaded at 0x6BAF0000: C:\Windows\SYSTEM32\CoreMessaging (0x9b000 bytes).
2025-12-06 18:31:45,629 [root] DEBUG: 2160: DLL loaded at 0x73C80000: C:\Windows\system32\OnDemandConnRouteHelper (0x12000 bytes).
2025-12-06 18:31:45,644 [root] DEBUG: 2160: DLL loaded at 0x6B980000: C:\Windows\System32\dcomp (0x164000 bytes).
2025-12-06 18:31:45,644 [root] DEBUG: 2160: DLL loaded at 0x74D60000: C:\Windows\system32\mswsock (0x52000 bytes).
2025-12-06 18:31:45,644 [root] DEBUG: 2160: DLL loaded at 0x76910000: C:\Windows\System32\NSI (0x7000 bytes).
2025-12-06 18:31:45,644 [root] DEBUG: 2160: DLL loaded at 0x73CC0000: C:\Windows\SYSTEM32\WINNSI (0x8000 bytes).
2025-12-06 18:31:45,691 [root] DEBUG: 2160: DLL loaded at 0x6B4B0000: C:\Windows\SYSTEM32\twinapi.appcore (0x194000 bytes).
2025-12-06 18:31:45,691 [root] DEBUG: 2160: DLL loaded at 0x6B800000: C:\Windows\System32\WindowManagementAPI (0x73000 bytes).
2025-12-06 18:31:45,691 [root] DEBUG: 2160: DLL loaded at 0x73340000: C:\Windows\SYSTEM32\ntmarta (0x29000 bytes).
2025-12-06 18:31:45,691 [root] DEBUG: 2160: DLL loaded at 0x6B230000: C:\Windows\System32\CoreUIComponents (0x27e000 bytes).
2025-12-06 18:31:45,707 [root] DEBUG: 2160: DLL loaded at 0x6B740000: C:\Windows\System32\TextInputFramework (0xb9000 bytes).
2025-12-06 18:31:45,707 [root] DEBUG: 2160: DLL loaded at 0x6B650000: C:\Windows\System32\InputHost (0xed000 bytes).
2025-12-06 18:31:45,707 [root] DEBUG: 2160: DLL loaded at 0x6B880000: C:\Windows\System32\Windows.UI (0xf3000 bytes).
2025-12-06 18:31:45,707 [root] DEBUG: 2160: DLL loaded at 0x74E70000: C:\Windows\SYSTEM32\dhcpcsvc6 (0x14000 bytes).
2025-12-06 18:31:45,722 [root] DEBUG: 2160: DLL loaded at 0x6B140000: C:\Windows\System32\Windows.UI.Immersive (0xec000 bytes).
2025-12-06 18:31:45,722 [root] DEBUG: 2160: DLL loaded at 0x74E50000: C:\Windows\SYSTEM32\dhcpcsvc (0x16000 bytes).
2025-12-06 18:31:45,738 [root] DEBUG: 2160: DLL loaded at 0x6AD60000: C:\Windows\SYSTEM32\iertutil (0x22d000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: DLL loaded at 0x73C80000: C:\Windows\SYSTEM32\srvcli (0x1d000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: DLL loaded at 0x73720000: C:\Windows\SYSTEM32\netutils (0xb000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: DLL loaded at 0x6AF90000: C:\Windows\SYSTEM32\urlmon (0x1a8000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-06 18:31:45,754 [root] DEBUG: 2160: DLL loaded at 0x6AD40000: C:\Windows\SYSTEM32\sppcs (0x1c000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: api-rate-cap: RtlSetCurrentTransaction hook disabled due to rate
2025-12-06 18:31:45,754 [root] DEBUG: 2160: DLL loaded at 0x73260000: C:\Windows\SYSTEM32\sppc (0x9000 bytes).
2025-12-06 18:31:45,754 [root] DEBUG: 2160: api-rate-cap: NtQueryKey hook disabled due to rate
2025-12-06 18:31:45,769 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\Insights.json to files\fafb3b8db54b6d2b64c782ccc5550c1df58ef9bf02d87cf9047275d32079bed4; Size is 390; Max size: 100000000
2025-12-06 18:31:45,785 [root] DEBUG: 2160: DLL loaded at 0x6A8E0000: C:\Windows\SYSTEM32\WININET (0x455000 bytes).
2025-12-06 18:31:45,800 [root] DEBUG: 2160: DLL loaded at 0x6A650000: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\RICHED20 (0x283000 bytes).
2025-12-06 18:31:45,800 [root] DEBUG: 2160: DLL loaded at 0x6A630000: C:\Windows\SYSTEM32\ondemandconnroutehelper (0x12000 bytes).
2025-12-06 18:31:45,816 [root] DEBUG: 2160: DLL loaded at 0x158C0000: C:\Program Files (x86)\Microsoft Office\root\Office16\1033\mapir (0x2b7000 bytes).
2025-12-06 18:31:45,816 [root] DEBUG: 2160: DLL loaded at 0x6A5B0000: C:\Windows\SYSTEM32\webio (0x73000 bytes).
2025-12-06 18:31:45,816 [root] DEBUG: 2160: DLL loaded at 0x6A580000: C:\Windows\SYSTEM32\srpapi (0x25000 bytes).
2025-12-06 18:31:45,832 [root] DEBUG: 2160: DLL loaded at 0x74DC0000: C:\Windows\SYSTEM32\DNSAPI (0x90000 bytes).
2025-12-06 18:31:45,832 [root] DEBUG: 2160: DLL loaded at 0x6A570000: C:\Windows\System32\rasadhlp (0x8000 bytes).
2025-12-06 18:31:45,847 [root] DEBUG: 2160: DLL loaded at 0x6A480000: C:\Windows\SYSTEM32\webservices (0xef000 bytes).
2025-12-06 18:31:45,863 [root] DEBUG: 2160: DLL loaded at 0x6A440000: C:\Windows\System32\OneCoreCommonProxyStub (0x3d000 bytes).
2025-12-06 18:31:45,863 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT
2025-12-06 18:31:45,879 [root] DEBUG: 2160: DLL loaded at 0x6A400000: C:\Windows\System32\vaultcli (0x37000 bytes).
2025-12-06 18:31:45,894 [root] DEBUG: 2160: DLL loaded at 0x6A3D0000: C:\Windows\System32\aadWamExtension (0x23000 bytes).
2025-12-06 18:31:46,066 [root] DEBUG: 2160: api-rate-cap: NtReadVirtualMemory hook disabled due to rate
2025-12-06 18:31:46,066 [root] DEBUG: 2160: DLL loaded at 0x74D40000: C:\Windows\SYSTEM32\CRYPTSP (0x13000 bytes).
2025-12-06 18:31:46,082 [root] DEBUG: 2160: DLL loaded at 0x74D10000: C:\Windows\system32\rsaenh (0x2f000 bytes).
2025-12-06 18:31:46,160 [root] DEBUG: 2160: DLL loaded at 0x6A330000: C:\Windows\System32\Windows.Web (0x92000 bytes).
2025-12-06 18:31:46,269 [root] DEBUG: 2160: DLL loaded at 0x6A320000: C:\Windows\SYSTEM32\DPAPI (0x8000 bytes).
2025-12-06 18:31:46,269 [root] DEBUG: 2160: DLL loaded at 0x6A2B0000: C:\Windows\System32\MicrosoftAccountWAMExtension (0x61000 bytes).
2025-12-06 18:31:46,285 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
2025-12-06 18:31:46,301 [root] DEBUG: 2160: api-rate-cap: NtEnumerateValueKey hook disabled due to rate
2025-12-06 18:31:46,301 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres'
2025-12-06 18:31:46,301 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres'
2025-12-06 18:31:46,316 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres'
2025-12-06 18:31:46,316 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres'
2025-12-06 18:31:46,332 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres'
2025-12-06 18:31:46,332 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres'
2025-12-06 18:31:46,332 [root] DEBUG: 2160: hook_api: NetUserGetInfo export address 0x6A29E1DE obtained via GetFunctionAddress
2025-12-06 18:31:46,332 [root] DEBUG: 2160: hook_api: NetGetJoinInformation export address 0x6A29D233 obtained via GetFunctionAddress
2025-12-06 18:31:46,332 [root] DEBUG: 2160: hook_api: NetUserGetLocalGroups export address 0x6A29E20A obtained via GetFunctionAddress
2025-12-06 18:31:46,332 [root] DEBUG: 2160: hook_api: DsEnumerateDomainTrustsW export address 0x6A29BC9F obtained via GetFunctionAddress
2025-12-06 18:31:46,332 [root] DEBUG: 2160: DLL loaded at 0x6A290000: C:\Windows\SYSTEM32\netapi32 (0x14000 bytes).
2025-12-06 18:31:46,348 [root] DEBUG: 2160: DLL loaded at 0x6A110000: C:\Windows\SYSTEM32\msvcp110_win (0x65000 bytes).
2025-12-06 18:31:46,348 [root] DEBUG: 2160: DLL loaded at 0x6A180000: C:\Windows\SYSTEM32\DSREG (0x110000 bytes).
2025-12-06 18:31:47,473 [root] DEBUG: 2160: api-rate-cap: NtQueryPerformanceCounter hook disabled due to rate
2025-12-06 18:31:47,473 [root] DEBUG: 2160: DLL loaded at 0x6A1E0000: C:\Windows\System32\Windows.Networking.Connectivity (0x8f000 bytes).
2025-12-06 18:31:47,488 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
2025-12-06 18:31:47,488 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal to files\45651c82a27c1d70b392e3be3318c2a11cc8ee4a6e5752da04e714466f7b19ac; Size is 512; Max size: 100000000
2025-12-06 18:31:47,504 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal
2025-12-06 18:31:47,504 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal to files\1847a5de7be8cf7da649e88b05192ea2d1d4b5def601852d77d83fa7b5dac2c3; Size is 4616; Max size: 100000000
2025-12-06 18:31:47,519 [root] DEBUG: 2160: DLL loaded at 0x6A110000: C:\Windows\System32\Windows.Security.Authentication.OnlineId (0xc1000 bytes).
2025-12-06 18:31:47,535 [root] DEBUG: 2160: DLL loaded at 0x69D50000: C:\Windows\System32\OneCoreUAPCommonProxyStub (0x3b9000 bytes).
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] DEBUG: Failed getting image name for pid 2664
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] DEBUG: Failed getting image name for pid 2664
2025-12-06 18:31:47,598 [lib.api.process] DEBUG: Failed getting exit code for <Process 2664 ???>
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] DEBUG: Failed getting image name for pid 2664
2025-12-06 18:31:47,598 [lib.api.process] WARNING: failed to open process 2664
2025-12-06 18:31:47,598 [lib.api.process] DEBUG: Failed getting image name for pid 2664
2025-12-06 18:31:47,598 [lib.api.process] WARNING: the <Process 2664 ???> is not alive, injection aborted
2025-12-06 18:31:48,238 [root] DEBUG: 2160: api-cap: NtQueryInformationFile hook disabled due to count: 5000
2025-12-06 18:31:48,332 [root] DEBUG: 2160: api-cap: NtSetInformationFile hook disabled due to count: 5000
2025-12-06 18:31:48,550 [root] DEBUG: 2160: api-cap: NtAllocateVirtualMemory hook disabled due to count: 5000
2025-12-06 18:31:48,613 [root] DEBUG: 2160: api-cap: NtClose hook disabled due to count: 5000
2025-12-06 18:31:48,660 [root] DEBUG: 2160: api-cap: NtReadFile hook disabled due to count: 5000
2025-12-06 18:31:48,941 [root] DEBUG: 2160: DLL loaded at 0x667B0000: C:\Program Files (x86)\Microsoft Office\root\Office16\oart (0xc68000 bytes).
2025-12-06 18:31:48,941 [root] DEBUG: 2160: DLL loaded at 0x67420000: C:\Program Files (x86)\Microsoft Office\root\Office16\wwlib (0x2930000 bytes).
2025-12-06 18:31:48,957 [root] DEBUG: 2160: DLL loaded at 0x66780000: C:\Program Files (x86)\Microsoft Office\root\Office16\contab32 (0x2a000 bytes).
2025-12-06 18:31:48,972 [root] DEBUG: 2160: DLL loaded at 0x66780000: C:\Program Files (x86)\Microsoft Office\root\Office16\contab32 (0x2a000 bytes).
2025-12-06 18:31:49,003 [root] DEBUG: 2160: DLL loaded at 0x666E0000: C:\Windows\SYSTEM32\TextShaping (0x94000 bytes).
2025-12-06 18:31:49,019 [root] DEBUG: 2160: DLL loaded at 0x666B0000: C:\Windows\SYSTEM32\dwmapi (0x26000 bytes).
2025-12-06 18:31:49,082 [root] DEBUG: 2160: hook_api: Warning - ScriptIsComplex export address 0x66691714 differs from GetProcAddress -> 0x765F0FB0 (gdi32full.dll::0xa0fb0)
2025-12-06 18:31:49,082 [root] DEBUG: 2160: DLL loaded at 0x66690000: C:\Windows\SYSTEM32\usp10 (0x17000 bytes).
2025-12-06 18:31:49,097 [root] DEBUG: 2160: DLL loaded at 0x664F0000: C:\Windows\System32\Bcp47Langs (0x48000 bytes).
2025-12-06 18:31:49,113 [root] DEBUG: 2160: DLL loaded at 0x664C0000: C:\Windows\System32\bcp47mrm (0x22000 bytes).
2025-12-06 18:31:49,113 [root] DEBUG: 2160: DLL loaded at 0x66540000: C:\Windows\System32\Windows.Globalization (0x145000 bytes).
2025-12-06 18:31:49,113 [root] DEBUG: 2160: DLL loaded at 0x664A0000: C:\Windows\SYSTEM32\globinputhost (0x1c000 bytes).
2025-12-06 18:31:49,175 [root] DEBUG: 2160: DLL loaded at 0x66460000: C:\Windows\system32\dataexchange (0x31000 bytes).
2025-12-06 18:31:49,613 [root] DEBUG: 2160: DLL loaded at 0x663E0000: C:\Windows\SYSTEM32\wbemcomn (0x70000 bytes).
2025-12-06 18:31:49,613 [root] DEBUG: 2160: DLL loaded at 0x66450000: C:\Windows\system32\wbem\wbemprox (0xd000 bytes).
2025-12-06 18:31:49,628 [root] DEBUG: 2160: DLL loaded at 0x663D0000: C:\Windows\system32\wbem\wbemsvc (0x10000 bytes).
2025-12-06 18:31:49,644 [root] DEBUG: 2160: DLL loaded at 0x66300000: C:\Windows\system32\wbem\fastprox (0xc9000 bytes).
2025-12-06 18:31:49,644 [root] DEBUG: 2160: DLL loaded at 0x662E0000: C:\Windows\SYSTEM32\amsi (0x18000 bytes).
2025-12-06 18:31:49,660 [root] DEBUG: 2160: DLL loaded at 0x662A0000: C:\Program Files (x86)\Windows Defender\MpOav (0x38000 bytes).
2025-12-06 18:31:50,097 [modules.auxiliary.human] INFO: Found button "next >", clicking it
2025-12-06 18:31:50,504 [root] DEBUG: 2160: DLL loaded at 0x66250000: C:\Windows\system32\POWRPROF (0x44000 bytes).
2025-12-06 18:31:50,504 [root] DEBUG: 2160: DLL loaded at 0x66240000: C:\Windows\system32\UMPDC (0xd000 bytes).
2025-12-06 18:31:52,207 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:31:54,316 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:01,363 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:03,472 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:05,504 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:07,535 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:09,644 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:11,675 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:18,707 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:25,738 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:27,848 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:34,941 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:41,988 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:44,019 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:46,129 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:48,160 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:50,269 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:52,379 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:32:59,410 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:01,441 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:03,551 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:10,582 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:17,613 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:19,722 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:21,832 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:28,925 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:31,035 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:38,066 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:45,097 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:47,207 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:54,300 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:56,410 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:33:58,519 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:00,629 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:02,738 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:04,847 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:06,957 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:09,066 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:16,097 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:23,191 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:30,238 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:32,347 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:34,457 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:36,488 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:38,598 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:40,629 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:42,660 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:44,769 [modules.auxiliary.human] INFO: Found button "yes", clicking it
2025-12-06 18:34:45,207 [root] INFO: Analysis timeout hit, terminating analysis
2025-12-06 18:34:45,207 [lib.api.process] INFO: Terminate event set for <Process 2160 OUTLOOK.EXE>
2025-12-06 18:34:45,207 [root] DEBUG: 2160: Terminate Event: Attempting to dump process 2160
2025-12-06 18:34:45,222 [root] DEBUG: 2160: DoProcessDump: Skipping process dump as code is identical on disk.
2025-12-06 18:34:45,222 [root] DEBUG: 2160: Terminate Event: Current region empty
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704639042700_C0284404-4C96-4C20-9901-21DB24609CF1.log
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704637629400_C0284404-4C96-4C20-9901-21DB24609CF1.log
2025-12-06 18:34:45,238 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16924_20150-20251206T2011440910-2160.etl
2025-12-06 18:34:45,238 [lib.api.process] INFO: Termination confirmed for <Process 2160 OUTLOOK.EXE>
2025-12-06 18:34:45,238 [root] DEBUG: 2160: Terminate Event: CAPE shutdown complete for process 2160
2025-12-06 18:34:45,238 [root] INFO: Terminate event set for process 2160
2025-12-06 18:34:45,238 [root] INFO: Created shutdown mutex
2025-12-06 18:34:46,253 [root] INFO: Shutting down package
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary modules
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary module: Browser
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary module: Curtain
2025-12-06 18:34:46,253 [modules.auxiliary.curtain] ERROR: Curtain - Error collecting PowerShell events - [Errno 13] Permission denied: 'C:\\curtain.log'
2025-12-06 18:34:46,253 [modules.auxiliary.curtain] ERROR: Curtain log file not found!
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary module: End_noisy_tasks
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary module: Evtx
2025-12-06 18:34:46,253 [modules.auxiliary.evtx] DEBUG: Adding C:/windows/Sysnative/winevt/Logs\Application.evtx to zip dump
2025-12-06 18:34:46,253 [root] WARNING: Cannot terminate auxiliary module Evtx: [Errno 13] Permission denied: 'C:/windows/Sysnative/winevt/Logs\\Application.evtx'
2025-12-06 18:34:46,253 [root] INFO: Stopping auxiliary module: Human
2025-12-06 18:34:46,800 [root] INFO: Stopping auxiliary module: Pre_script
2025-12-06 18:34:46,800 [root] INFO: Stopping auxiliary module: Screenshots
2025-12-06 18:34:48,457 [root] INFO: Stopping auxiliary module: Usage
2025-12-06 18:34:49,347 [root] INFO: Stopping auxiliary module: During_script
2025-12-06 18:34:49,347 [root] INFO: Finishing auxiliary modules
2025-12-06 18:34:49,347 [root] INFO: Shutting down pipe server and dumping dropped files
2025-12-06 18:34:49,347 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT to files\3453ffe7fa0cbc5801931fd608c5f4e68ef026a8ac311e4f7e1fd70d2c39b308; Size is 245980; Max size: 100000000
2025-12-06 18:34:49,363 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres to files\706b1e045154934788d19e671c94fa971f98bef9e089cc90fbbd266ad96b165a; Size is 2684; Max size: 100000000
2025-12-06 18:34:49,363 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm to files\aa2b80e25f86de5cab4e6eb8b0f966cb2dc435e6b318ddf8a37c5fd82fb28569; Size is 32768; Max size: 100000000
2025-12-06 18:34:49,378 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal to files\94f3b19e7dde83183042afe2a240a4a8b7690c4db0e89be07bc77f143d27b3d1; Size is 45352; Max size: 100000000
2025-12-06 18:34:49,378 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db to files\c712d6c7a60f170a0c6c5ec768d962c58b1f59a2d417e98c7c528a037c427ab6; Size is 4096; Max size: 100000000
2025-12-06 18:34:49,425 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704639042700_C0284404-4C96-4C20-9901-21DB24609CF1.log to files\cd52d81e25f372e6fa4db2c0dfceb59862c1969cab17096da352b34950c973cc; Size is 20971520; Max size: 100000000
2025-12-06 18:34:49,535 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704637629400_C0284404-4C96-4C20-9901-21DB24609CF1.log to files\0073f75858a9d68c311971fb69df47a16d7649c6a9f8b4bbe58b902f2ed6c36a; Size is 20971520; Max size: 100000000
2025-12-06 18:34:49,613 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16924_20150-20251206T2011440910-2160.etl to files\66767b7a9e70b87de0449ef125edbd92f709e013136e321035845fb5e94aae66; Size is 40960; Max size: 100000000
2025-12-06 18:34:49,629 [root] WARNING: Folder at path "C:\UMqzgRcss\debugger" does not exist, skipping
2025-12-06 18:34:49,629 [root] WARNING: Folder at path "C:\UMqzgRcss\tlsdump" does not exist, skipping
2025-12-06 18:34:49,629 [root] INFO: Analysis completed


    

    

        

    

    

        

    

    

        

    





    

        

            

                
Machine

            
                
            

                

                    
                        

                            Name
                            Label
                            Manager
                            Started On
                            Shutdown On
                            
                        

                    
                    
                        

                            win10-64bit-tiny-3
                            win10-64bit-tiny-3
                            KVM
                            2025-12-08 15:06:01
                            2025-12-08 15:09:15
                            
                        

                    
                

            

        

    





    
File Details   

    
    



    


        

        
        
        

            File Name
            
                
                
49768fe73895b939.unknown

                
            		
        

        
            

                File Type
                SMTP mail, ASCII text
            

        
        
        

            File Size
            20646 bytes
        

        
        
            
            
                
                
                
            
        
        

            MD5
            fbe3cb4dfce740c3728c459b853e4249
        

        

            SHA1
            400dbbcdc16baadb2509263a434c0294e91b1d1b
        

        

            SHA256
            49768fe73895b9394d5c16130de7f3d390faaaa7d78fc4323fad3ab3f0761508
                [VT]
                [MWDB]
                [Bazaar]
            
        

        
        

            SHA3-384
            b49ff34023f33667d31356ac5de14c10e285c25b9f7baf2dd990f5cbfe8ee9e79f2542ac955e5bf069772d5959fa565f
        

        
        
        

            CRC32
            984EE1F9
        

        
        

            TLSH
            T13F92DF925C130EDD3BB35B973ED2E432D5B0C7C9A81B12BA5FAC2181188FFE075684A4
        

        
        

            Ssdeep
            384:vOFMo9f0nDsXD42crq1Hy1Sb2AAfNYx/F45IO5GWYekd3+iql3/8fyVcF:251HaI2AA1YxcIOlsN+iqlP8Z
        

        
        
        
        

        

        
        

            
                
                
                
                
                
                
                
                
                
            
            
                
                 
                 File
                
                
                    
                
                
                
                
                    
                     BinGraph
                    
                
                
                
                    
                         Vba2Graph
                    
                
                
                
                
                
                    
                
                
                
            
        

        
    


        
        
        

        
        
        
        
            
                
                

                    

                    
Return-Path: <>
Delivered-To: banned-quarantine
X-Envelope-From: <mobileapp@firstbank.ro>
X-Envelope-To: <cteodorovici@electroputere.ro>, <ndunga@electroputere.ro>,
	<psabaila@electroputere.ro>
X-Envelope-To-Blocked: <cteodorovici@electroputere.ro>,
	<ndunga@electroputere.ro>, <psabaila@electroputere.ro>
X-Quarantine-ID: <zIox0GRx84Nt>
X-Amavis-Alert: BANNED, message contains .exe,.exe-ms,Payment Advice swift
	mesaji.exe
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tag=x tag2=x kill=x tests=[] autolearn=unavailable
Received: from unknown by localhost (amavisd-new, unix socket)
	id zIox0GRx84Nt; Wed, 23 Feb 2022 00:50:16 +0200 (EET)
Received: from mail.needion.com (unknown [213.128.71.137])
	by spin.electroputere.ro (amavisd-milter) with ESMTPS id 21MMo6hg000429;
	Tue, 22 Feb 2022 05:01:28 +0200
	(envelope-from <mobileapp@firstbank.ro>)
Received: from localhost (localhost [127.0.0.1])
	by mail.needion.com (Postfix) with ESMTP id EB3524A7E69;
	Wed, 23 Feb 2022 01:13:25 +0300 (+03)
Received: from mail.needion.com ([127.0.0.1])
	by localhost (mail.needion.com [127.0.0.1]) (amavisd-new, port 10032)
	with ESMTP id Qn9no5wseyi6; Wed, 23 Feb 2022 01:13:25 +0300 (+03)
Received: from localhost (localhost [127.0.0.1])
	by mail.needion.com (Postfix) with ESMTP id 8CCAB4A7E79;
	Wed, 23 Feb 2022 01:13:25 +0300 (+03)
X-Virus-Scanned: amavisd-new at needion.com
Received: from mail.needion.com ([127.0.0.1])
	by localhost (mail.needion.com [127.0.0.1]) (amavisd-new, port 10026)
	with ESMTP id ZbKz9EzOw07f; Wed, 23 Feb 2022 01:13:25 +0300 (+03)
Received: from zico.vvgcbdsales.example.com (unknown [87.249.139.161])
	by mail.needion.com (Postfix) with ESMTPSA id A81AE4A7E69;
	Wed, 23 Feb 2022 01:13:23 +0300 (+03)
Content-Type: multipart/mixed; boundary="===============1055680849=="
MIME-Version: 1.0
Subject: Confirmare OP ALL NUTS.
To: "mobileapp.firstbank" <mobileapp@firstbank.ro>
From: mobileapp.firstbank<mobileapp@firstbank.ro>
Date: Tue, 22 Feb 2022 14:45:51 -0800
Reply-To: asafbulutgunes@gmail.com
Message-Id: <20220222221323.A81AE4A7E69@mail.needion.com>

You will not see this in a MIME-aware mail reader.
--===============1055680849==
Content-Type: multipart/alternative; boundary="===============0533200053=="
MIME-Version: 1.0

--===============0533200053==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body

Drag=103 client,
 Acesta este un mail automat generat de sistemul Internet/Mobile Banking Fi=
rst Bank trimis de clientul: ALL NUTS SRL
 Mesaj:
 =

Toate cele bune,
 First Bank

--===============0533200053==
Content-Type: text/html; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Description: Mail message body

<HTML><head><meta http-equiv=3D"Content-Type" content=3D"text/html; charset=
=3Dutf-8"/></head><BODY><P>Drag=C4=83 client,</P>
<P>Acesta este un mail automat generat de sistemul Internet/Mobile Banking =
First Bank trimis de clientul: ALL NUTS SRL</P>
<P>Mesaj:</P>
<P><BR>Toate cele bune,</P>
<P>First Bank</P></BODY></HTML>
--===============0533200053==--
--===============1055680849==
Content-Type: application/octet-stream
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Payment Advice swift mesaji.uue"

UmFyIRoHAQATrjD8CwEFBwAGAQH14oAAP/XZZj0CAwuj4gAEgOgBIIleVsyAAwAfUGF5bWVudCBB
ZHZpY2Ugc3dpZnQgbWVzYWppLmV4ZQoDAnRt5W7PJ9gBzbkfMUB2VEQiRlcASIerLNKOoQRFRQR0
igiaVRUBQQVMRUUB2YtgWoKBYmx1CiIqKgg6DQ6BcBFcf4AKiooo4uK4rjtxxzHR7mn1xfVxXFSq
i6qznJqrsuwsfc97Hfe/Y+9jsdiO//oK0TM8nmiZ5PJ5PKko/F5mfJmfJmfJmfnz555MzU3RVGiC
IAsiCD8Bw2PmikZRRS6PJhhpSlIcYAo33Eoc2Rp41kK4Ng6dvpUT8HSBhoeNaouMTZaMSRLVCJIq
KTRzVBpWqMj4pqhw/XvEQDVEpoVK32OxsVxUiT++Gj8iAysLMb2cVDfiKXEVhROBwzGuRNx3nQ1a
lRusAh5riB7URdN1ToT6iB2wEsnsx/6rd1HCi6QRvEKR2hsatUr0JpYjmIEG0Ff6PAmjCo3YRl4Q
3dvjkslHESjKgEOq5XRWyjfGRsZCFKTYROY85Z1cLoT2AAGliE0IgdCHo8UjKv0vRSjnTOhuMIfW
y8Uy3Aa/CyoKikRov8FzN2/pcMjgFcWpCsYymwRYXw6rptXzW5szE2ml2a1xsFPLEVdjS2OAAoI7
hqIeNloJRleFeuY9Co0LHTFcowREWmtJKAPOwGxnNtpTWondstY9bncEBXdMA2WwZTY0KSWAyEv6
AKtlDuvD5IgOVWYc9IUPVs4zLZbRCRl3EbbLcnZWVM0j2jiUTEvpmolI+moeAmZZV+06ggsXJmbF
4UbbRNbyBxkNbCJOgOAkxuhGokZAEHVrNU1wJ0uJrG3JO1YdoXV5MKIxMXVu9YUX0RoA4ym1Wnto
2XQhtlRbiWjYRLq/YW0pgOAIATerPXxQFNl1ITN2INswU8evsE/YimFM2jLsbMyLrbjrAxrs+yAf
hjAsbjVkXwnGBtvTGvsYA2RhYwDV3IZhmNWxvJTAHrA3WcJ4LDxC1o3E5ZGJtu1WWnGhVh1ONTDu
XMAdRkrtWWAZFCNDYWAk9LAPYX22NirL7lzU+BRD0uFXw1XjZngtbLrKWFs25rKjG8S96ooRcPT4
mvA9I1wTgPEoQGgHrEA9sN2QVpYTVfPExYHT1XwV9KEkXZVTsBtRm8APriebbFxtjGvWxyGRHCZA
rhGbAwV4D5noK7RHUcISDo3uDe5uDm43xOAbiDn3Cde4Z6rIUa60QmUuEBHRkPFZaNUT8hLeFGv7
hBQBT9Yz2MXDBwT69muRGW9o071EJoNBfwJ3UWMtG0RWAhbe9E5iwITycjyePxEshStNsyCKVNtr
ymjXFPdQX1GdgDdUK5h14OtjRmzjol5espVEK3gr4or8unEquGyFNvrT06fup2RP+SK8DWSZ1wZ8
y3rmVRmjGv9I5wqI2fwjTpF9ROeUomGXThiKl0XiOdiJWcfOiIYqZdih641duY0t6RS6M4+w2mAI
GZ6S6zr5pvClETLoVwcaMo2fBeIKv9jyYtpUEocUdZQ1OPKvGzfHlq8L9XLSiNDjkCNnFEu1cxh5
3vWUekH1xKHi9949VAxImNdKVWfj7+WYrmo8SvvNZJuC+bhGbY9e5a8bGEjF//g5jxobECtr7UbM
AvFeQq1j1vxVuRP4t3xWqK9CNrRABHnydGz+4TKnEobZwrBI7mNH6zszi6bH+3m1hwyO7GtObgrS
Lt4Nco1rAsQ51lTcxxtCrpV1zNaY7PSKdTX7Tc9wp3NfAbdawty/gUS4V6lcaOPibdUzliZD1Vui
OwAv4OARwQK2oerEVdU4J+cTrfE7ynfU+JT45OkNbQB2z/PMqLJp9KeL2+NbWVxVF5ai/gatRWgO
vpK2CO7AZVEeiItoFv6rEa+TrIFOAGCJ1X72nRM69gCrei1C7gytmVClQRzIL+SA2Im1GEnVFc0r
MDM65di1AivCKWq24ItOB1UW/RzagEe52re+vbIQQIeowOqiwpRK4MR84evAXuiVPFdde6o0txXu
0GAgSfABsRZdf8QzOSX/OV0BOfqK/M872qRXEpdRAfM2VrVxvBjmRRB1ZCkprbCtEnuBWoTtptcy
uCa34rjJ8CV0U4FfaOYA+fyB1hCmURMD/PChjSsOuPpVAU6o4c2ypQflAuHEwJIcThr9BuQk/cuX
MMuxnit2V5iveGFEYXiXSZ8hXuYlHhAXc0y7hjn9isUPVwX8YiJSgDUFgHucMQMbAtSqgDzsQza6
Dv0ZiYCr+jPZe31fPZFVXFjRMpO1bm+kjU+RMJvPrx1dsMmhY+ISvAJSTjY5LEt77iComNhE0ZEQ
8GVAw0YlSQo0MVCB4poqHzSUJGDSx2GD9hkyghUuVSBXcc+xQVaQAolAy8VIJswHbFR8VHQ8SlgZ
OLS4QJ+FAfCVsSTggFaJUzMaaZPGQ4eSaRgI6TGW/hRAKkbGrE1lhC2HSRKATBQ4TJ8iASwkfGQ4
BQa0jgrZNEEG1QxRcCJtQCqFcKvMP2NTKACUVS0Dx6SACKeYuLBLUIkA+gI+AfI6OHI9nz+MSweK
CuIsJ2NPH+s88CFjSODs+QoGJNGPQGXkY1JBgbwD6knICBeT7OjyAtAcoOPGawIJ1ixP5GAK0UHQ
QSvRYOPh1iSqCgVrCpVaeewMzH5YEcxmHAvYIC+jFtSEKK03WzdLJm8XDxsOo8XmNAaiQmZOBCqW
88BtAJ+JSRmYVqKBCSFtfBBoXCWRTLFAqqhutYsDtATQH0WlIBiisrD5aPjCW31pTAgRsIE1F1qk
PtKn1rikod5I/xjVpXoKNIWPhI5bFvFyYTWWhlvRAOJIqTVqBBb4fPh4QYFYK21e6Udi0kRH1ZIH
9X/LRMlExMi3pZIh2CI7IsUf4rLKcJw9Q9Dq0wpGN6FlU+hjoxXChC7CfSgGAxNwS8RcvW1+qusf
GvTiJHB+HT2lIrql7+GBGFPSYK1Sj3gRLmAFLpQTgE+K/h7AmyeJ+DtGRglspmawzatdRVOYMHSg
JyHzSjxAzuVAloQ+ZPwun0K7TFIYaH+YT0TBgnU6oY7QYOkZHKpiLCjBH58iAAWksWQ3yDEiFdAh
cDcgH5MCMFj58gnYh+sUrJaSBgrgwexkhDhKf0wBaOrJtUh8K3FKjepxNCm8D6pidT+ykLvcOFbR
SYPIBKNKFldC34CN4WNrGfaNrd5o4CSKFFJdV2mVE9XadSfoJh7SZeMkm9CwvDnCtRN8Yq8UMdoF
LIqODzPoLlYdaiqpaHg8Bs6PUmBCNJZoa/wUQCIJiQZzU3EIrYeYzLR4H0A/AScRB5cLzyo7eHCj
KPSvFD4Dbp7Pb9yiXlT2lnMx4CxHKcB9AwKARGJJM+tFOG6UB1Mm+AHAU/x0mQ5Kb/Q5QmCEKiQz
5lXC8Bm2GoqLByQFng+IUqQqGCux/BzcTCGCrZgSo8qMUKUQQFy9nzqQ+tSrA/VacCLcpvoYaSOE
XARrfSgHkg9QohZvHqAcjTxdjB80ghWLrB9AMJD64SDLhk6BLRoz98ByPuZV5KdSnQpyHzvQ+LkM
twHqoAkuJqQMBS3lRl1NQrW9j1cquuhqSuADD+KPAHJIeQ/JESzLiZUJkqy4oSEgPMYJah1KtIS4
g830SM6B6SHMmRHl5ex88uIYkhrH8e6ZQkriOOUqcJ3FVdTEstQh/mVvmTruLznsI+fR5NxUfnKW
fkFLrUiRMKMNabXh8GNjJKshOi4EtcDxsh87Eo2AAS8Uoc6v1clJZhCRZ5TSh+6BfKGVqLGPYndf
YFyzvtnwwOVmz4mrNYIdALT1kDsuNDRbWgHjAnbG1LzRZAotgE/sxmhAtq8H4vkF6jEkAKSm3P67
ohGPYS/CmYWEBUs8FZLaFfMzBYQ64ZhD9HzUGJTwSeCXFwHN+BcjVjRn9cSnghRwA0UFMCGGBgRg
KqUPwhlsMvkR0HZdBFWeHJ0ZT0O9Af1h4mayOLtTp4tKjXwCDzDp2UHS6wnKISXAzg+B5PJSdIcb
GwiQ+TKusI0o9BoTmHNgDaJCE9rcOi1ArjNjIxJFhnlnyShEpMt/Aww51REINgJo7dzNLfjgdHaW
SapGHjoZqkEwMLzUkjY2HF1eRzU8g5SBRqvHh2ymjFjnnDvb5jWp+fsCEuwp19CvQ83dO6qsvo1N
kJdWpycHFyu4dHJyalaqbxHSIasUQFGh2Sg4upBLChAbd1CvriAcSuDrC3twu+VCqDo6OTnB3dJe
sq63e8h4BOOYUkJCOcKgYgHZvcW9zb3V0dTjBp7W34d8gVTg7bkMus7jrtBYKyMtZRPYI3i4hJJi
7n7MSqaqyhanQNG5Dh5Do51tpab4EMs0HUMvoA1loiTFnUhVVI9R8PEBkNmFxvTe4E/AhzAFXC4a
HhACAFMrHN4OewY+QryPhQNo3nulQRbQaGAce8PlgdeVkxAD0iEouY0HZQB6wCPbipHwLtKog+4J
r1Oj+/JIffVDzEV0/CrxPyuNzUpfXagU2I6IHoJhDM6O4FUeCVwO+Ew/x4N6kJhUoJdDMNgGoO93
tJeYS83pxvjm6BdWvlwWhOn5PhVMCjRXiY395eyfvBKrXFmrcveuhu3RUxeijppnRR4ZPAgjl8kk
pHF6ekkqVvhYiIPozLkAlgCv/LOF0kDfArflLJVwIFUG6YYTUoznOUHvWgF8mnaxZyN/bSVajPjP
+UHUFaVQjp7vVOV9P+RVcqIjrNIq4Y0JihR15P72wJ6e8J+q8p/FhTenP <truncated>

                    

                

                
            
        
        
        
    
    
    
    
    
    
    
    
    
    
    
    







    

        
        

            

     Reports:
            
                JSON 
            
            
                HTML
            
            
            
            
            
            
            
            
               Lite
            
            
   




        

        
    









    

    

    





    

        
            

            
                Credential Access
            
                Discovery
            
                Defense Evasion
            
                Privilege Escalation
            
                Execution
            
            

            
                

                    
    
                        
                            
  • 
                                 T1539 - Steal Web Session Cookie
                                
      
                                
                                    
    • infostealer_cookies
      • 
                                
                                
    
                            
    • 
                        
                    

                		
            
                
                    
    
                        
                            
  • 
                                 T1082 - System Information Discovery
                                
      
                                
                                    
    • antivm_checks_available_memory
      • 
                                
                                
    
                            
    • 
                        
                    

                		
            
                
                    
    
                        
                            
  • 
                                 T1562 - Impair Defenses
                                
      
                                
                                    
    • browser_security
      • 
                                
                                
    
                            
    • 
                        
                            
  • 
                                 T1055 - Process Injection
                                
      
                                
                                    
    • resumethread_remote_process
      • 
                                
                                
    
                            
    • 
                        
                            
  • 
                                 T1112 - Modify Registry
                                
      
                                
                                    
    • browser_security
      • 
                                
                                
    
                            
    • 
                        
                            
  • 
                                 T1070 - Indicator Removal
                                
      
                                
                                    
    • deletes_files
      • 
                                
                                
    
                            
    • 
                        
                            
  • 
                                 T1562.001 - Disable or Modify Tools
                                
      
                                
                                    
    • browser_security
      • 
                                
                                
    
                            
    • 
                        
                            
  • 
                                 T1070.004 - File Deletion
                                
      
                                
                                    
    • deletes_files
      • 
                                
                                
    
                            
    • 
                        
                    

                		
            
                
                    
    
                        
                            
  • 
                                 T1055 - Process Injection
                                
      
                                
                                    
    • resumethread_remote_process
      • 
                                
                                
    
                            
    • 
                        
                    

                		
            
                
                    
    
                        
                            
  • 
                                 T1203 - Exploitation for Client Execution
                                
      
                                
                                    
    • stack_pivot
      • 
                                
                                    
    • exploit_heapspray
      • 
                                
                                
    
                            
    • 
                        
                    

                		
            
        

    






    

    
    
    

        

    

    

        
            
                

                

    
Usage

    

        
    




                

                

            
        
        

            

                

                    
Processing ( 4.90 seconds )

                    
    
                        
                            
                            
  • 
                                4.025
                                CAPE
                            
    • 
                            
                        
                            
                            
  • 
                                0.86
                                BehaviorAnalysis
                            
    • 
                            
                        
                            
                            
  • 
                                0.007
                                Heatmap
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                AnalysisInfo
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                Debug
                            
    • 
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                    

                

                

                
Signatures ( 0.13 seconds )

                    
    
                        
                            
                            
  • 
                                0.034
                                antiav_detectreg
                            
    • 
                            
                        
                            
                            
  • 
                                0.014
                                territorial_disputes_sigs
                            
    • 
                            
                        
                            
                            
  • 
                                0.012
                                infostealer_ftp
                            
    • 
                            
                        
                            
                            
  • 
                                0.007
                                antianalysis_detectreg
                            
    • 
                            
                        
                            
                            
  • 
                                0.007
                                infostealer_im
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                antianalysis_detectfile
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                antiav_detectfile
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                antivm_vbox_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                masquerade_process_name
                            
    • 
                            
                        
                            
                            
  • 
                                0.003
                                ransomware_files
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                antivm_generic_diskreg
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                antivm_parallels_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                antivm_vmware_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                antivm_xen_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                ketrican_regkeys
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                darkcomet_regkeys
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                infostealer_bitcoin
                            
    • 
                            
                        
                            
                            
  • 
                                0.002
                                ransomware_extensions
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                accesses_netlogon_regkey
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                antidebug_devices
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                antivm_bochs_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                antivm_hyperv_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                antivm_vbox_files
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                antivm_vpc_keys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                geodo_banking_trojan
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                browser_security
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                bypass_firewall
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                registry_credential_store_access
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                disables_backups
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                disables_browser_warn
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                poullight_files
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                office_martian_children
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                packer_armadillo_regkey
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                limerat_regkeys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                warzonerat_regkeys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                recon_fingerprint
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                remcos_regkeys
                            
    • 
                            
                        
                            
                            
  • 
                                0.001
                                ursnif_behavior
                            
    • 
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                            
                        
                    

                

                

                    
Reporting ( 0.31 seconds )

                
    
                    
                        
                        
  • 
                            0.195
                            ReportHTML
                        
    • 
                        
                    
                        
                        
  • 
                            0.056
                            JsonDump
                        
    • 
                        
                    
                        
                        
  • 
                            0.054
                            LiteReport
                        
    • 
                        
                    
                        
                        
  • 
                            0.003
                            MITRE_TTPS
                        
    • 
                        
                    
                        
                    
                        
                    
                

                

            

        


    









    
Signatures

    
        
            
            
                

            
            Checks available memory

            

            
                

                    
                        
                    
                

            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            A possible heap spray exploit has been detected

            

            
                
                    
                        
heap spray: outlook.exe allocated 2289.04296875 megabytes to memory

                    
                
            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            Stack pivoting was detected when using a critical API

            

            
                
                    
                        
process: OUTLOOK.EXE:2160

                    
                
            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            Queries the keyboard layout

            

            
                

                    
                        
                    
                

            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            SetUnhandledExceptionFilter detected (possible anti-debug)

            

            
                

                    
                        
                    
                

            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            Uses Windows APIs to generate a cryptographic key

            

            
                

                    
                        
                    
                

            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            Deletes files from disk

            

            
                
                    
                        
DeletedFile: C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\Insights.json

                    
                
                    
                        
DeletedFile: C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                    
                
                    
                        
DeletedFile: C:\Users\user\AppData\Local\Microsoft\Outlook\mapisvc.inf

                    
                
            
            
            

        
            
            
                

            
            Resumed a thread in another process

            

            
                
                    
                        
thread_resumed: Process outlook.exe with process ID 2160 resumed a thread in another process with the process ID 2160

                    
                
            
            
                

                
                    
                    
                
            
            

        
            
            
                

            
            Checks for presence of debugger via IsDebuggerPresent

            

            
                

                    
                        
                    
                

            
            
            

        
            
            
                

            
            Touches a file containing cookies, possibly for information gathering

            

            
                

                    
                        
                            
                                
Process: OUTLOOK.EXE (2160)

                            
                            
                                

                                    
                                        file
                                        
                                            
                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies
                                            
                                        
                                    
                                

                            
                        
                            
                                
Process: OUTLOOK.EXE (2160)

                            
                            
                                

                                    
                                        file
                                        
                                            
                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies
                                            
                                        
                                    
                                

                            
                        
                    
                

            
            
            

        
            
            
                

            
            Attempts to modify browser security settings

            

            
                
                    
                        
regkey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OUTLOOK.EXE

                    
                
            
            
            

        
    






    
Screenshots

    
        

        
            
                
            
        
            
                
            
        
        

    




    





   	
    	No playback available.
    








    

    
Hosts

    
        
No hosts contacted.

    




    

    
DNS

    
        
No domains contacted.

    







    

    
Summary

    
    

        

            

                
                    
                        C:\Windows\Globalization\Sorting\sortdefault.nls

                    
                        C:\ProgramData\Microsoft\Office\ClickToRunPackageLocker

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\msowercrash.dll

                    
                        C:\Users\user\AppData\Local\Temp\Outlook Logging\

                    
                        C:\Users\user\AppData\Local\Temp\Outlook Logging

                    
                        C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16924_20150-20251206T2011440910-2160.etl

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\kernel.appcore.dll

                    
                        C:\Windows\SysWOW64\kernel.appcore.dll

                    
                        \??\SrpDevice

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\OLMAPI32.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\MLCFG32.CPL

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\CNFNOT32.EXE

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\Cultures\OFFICE.ODF

                    
                        C:\Users\user\AppData\Local\Temp\{C0284404-4C96-4C20-9901-21DB24609CF1} - OProcSessId.dat

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\WINSTA.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\winsta.dll

                    
                        C:\Windows\SysWOW64\winsta.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\resourcepolicyclient.dll

                    
                        C:\Windows\SysWOW64\resourcepolicyclient.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\d3d10warp.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\d3d10warp.dll

                    
                        C:\Windows\SysWOW64\d3d10warp.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSO40UIRES.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSO99LRES.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\isolatedwindowsenvironmentutils.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\isolatedwindowsenvironmentutils.dll

                    
                        C:\Windows\SysWOW64\isolatedwindowsenvironmentutils.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSORES.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\SystemResources\OUTLLIBR.COMMON.DLL.mun

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\1033\msointl30.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\1033\MSOINTL.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\mscoree.dll.local

                    
                        C:\Windows\SysWOW64\mscoree.dll.local

                    
                        C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

                    
                        C:\Windows\Microsoft.NET\Framework\*

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll

                    
                        C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE.config

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\SystemResources\USER32.dll.mun

                    
                        C:\Windows\SystemResources\USER32.dll.mun

                    
                        C:\Windows\SysWOW64\windows.storage.dll

                    
                        C:\Windows\SysWOW64\wldp.dll

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\*.log

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704637629400_C0284404-4C96-4C20-9901-21DB24609CF1.log

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704639042700_C0284404-4C96-4C20-9901-21DB24609CF1.log

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\MSOARIA.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\DXCore.dll

                    
                        C:\Windows\SysWOW64\DXCore.dll

                    
                        \Device\DeviceApi\CMApi

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Licenses\5\Perpetual

                    
                        C:\ProgramData\Microsoft\OFFICE\Licenses\5\Perpetual

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\Licenses\5\Grace\6

                    
                        C:\Users\user\AppData\Local\Microsoft\FontCache\4\Purge\*

                    
                        C:\Users

                    
                        C:\Users\user

                    
                        C:\Users\user\AppData

                    
                        C:\Users\user\AppData\Local\Microsoft

                    
                        C:\Users\user\AppData\Local\Microsoft\Office

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate

                    
                        C:\Users\user\AppData\Local\Temp\{B1CA8339-9037-4CDC-895E-A524F1BF16D2}\

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\outlook.exe_Rules.xml

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\UploadCache\*

                    
                        C:\Windows\system32

                    
                        C:\Windows

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Insights\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\DataStore\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Governance\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Governance\Anonymous\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\*

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\Insights.json

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\WININET.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\wininet.dll

                    
                        C:\Windows\SysWOW64\wininet.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\RICHED20.DLL

                    
                        \??\MountPointManager

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\SystemResources\RICHED20.DLL.mun

                    
                        C:\Program Files (x86)\Common Files\Microsoft Shared\SystemResources\RICHED20.DLL.mun

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\*.cfg

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\ACTIVITY.CFG

                    
                        \Device\RasAcd

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7C30471E-32A1-447A-91A8-50918043A8F7

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\ACTIVITS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\ACTIVITL.ICO

                    
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.IE5

                    
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE

                    
                        C:\Users\user\AppData\Local

                    
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies

                    
                        C:\Users\user\AppData\Local\Microsoft\Windows

                    
                        C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ESE\

                    
                        C:\Users\user\AppData\Local\Microsoft\FORMS

                    
                        C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\System\en-US\Windows.Security.Authentication.Web.Core.dll.mui

                    
                        C:\Windows\sysnative\en-US\Windows.Security.Authentication.Web.Core.dll.mui

                    
                        C:\Users\user\AppData\Local\Microsoft\FORMS\*.*

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Temp

                    
                        C:\Windows\Temp

                    
                        C:\Users\user\AppData\Local\Temp

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\APPT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\APPTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\APPTL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CNFNOT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CONFLICT.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CNFNOT.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CNFRES.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CONTACT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CONTACTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\CONTACTL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DISTLIST.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DISTLSTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DISTLSTL.ICO

                    
                        C:\Windows\SysWOW64\cryptsp.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\cryptsp.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DOC.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DOCS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\DOCL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\EXITEM.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\INFOMAIL.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\Windows.Web.dll.mui

                    
                        C:\Windows\SysWOW64\en-US\Windows.Web.dll.mui

                    
                        C:\Windows\sysnative\en-US\Windows.Web.dll.mui

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\INFOMS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\INFOML.ICO

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\IPM.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\IPMS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\IPML.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\NOTE.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\NOTES.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\NOTEL.ICO

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\DPAPI.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\dpapi.dll

                    
                        C:\Windows\SysWOW64\dpapi.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\OMSMMS.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\MMSS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\MMSL.ICO

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\*.tbres

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\OMSSMS.CFG

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbreq

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbreq

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\OOFTMPL.CFG

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbreq

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\OOFS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\OOFL.ICO

                    
                        C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\*

                    
                        C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\*

                    
                        C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\*

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POST.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POSTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POSTL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POSTIT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POSTITS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\POSTITL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RCLRPT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REPORTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REPORTL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REC.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RECS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RECL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REMOTE.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REMOTES.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REMOTEL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REPLTMPL.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\REPORT.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RESEND.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RESENDS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RESENDL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RSSITEM.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RSSITEMS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\RSSITEML.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCHDCNCL.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDCNCLS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDCNCLL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCHDREQ.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDREQS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDREQL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCHDRESN.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESNS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESNL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCHDRESP.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESPS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESPL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCHDREST.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESTS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SCDRESTL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECREC.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECRECS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECRECL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECURE.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECURS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SECURL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SHARING.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SIGN.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SIGNS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SIGNL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SMIMEE.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SMIMES.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASK.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKACC.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKACCS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKACCL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKDEC.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKDECS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKDECL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKREQ.CFG

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKREQS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKREQL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\TASKUPD.CFG

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-wal

                    
                        C:\Users\user\AppData\Local\Temp\

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SMSS.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\FORMS\1033\SMSL.ICO

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\SystemResources\OUTLLIBR.DLL.mun

                    
                        C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK-*.etl

                    
                        C:\Program

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft

                    
                        C:\Program Files (x86)\Microsoft

                    
                        C:\Users\user\AppData\Local\Microsoft\

                    
                        C:\Users\user\AppData\Local\Microsoft\Outlook

                    
                        C:\Users\user\AppData\Local\Microsoft\Outlook\mapisvc.inf

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\1033\MAPIR.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\MSMAPI\1033\MSMAPI32.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\MSMAPI\1033\mapisvc.inf

                    
                        C:\Program Files (x86)\Common Files\System\MSMAPI\1033\mapisvc.inf

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\System\MSMAPI\mapisvc.inf

                    
                        C:\Program Files (x86)\Common Files\System\MSMAPI\mapisvc.inf

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\mapisvc.inf

                    
                        C:\Windows\SysWOW64\mapisvc.inf

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\CONTAB32.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\USER32.dll.mui

                    
                        C:\Windows\SysWOW64\en-US\USER32.dll.mui

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Fonts\staticcache.dat

                    
                        C:\Windows\Fonts\staticcache.dat

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\TextShaping.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\TextShaping.dll

                    
                        C:\Windows\SysWOW64\TextShaping.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSO.DLL

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\SystemResources\usp10.dll.mun

                    
                        C:\Windows\SystemResources\usp10.dll.mun

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\mso40uiwin32client.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\globinputhost.dll

                    
                        C:\Windows\SysWOW64\globinputhost.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\mso20win32client.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\uxtheme.dll.Config

                    
                        C:\Windows\SysWOW64\uxtheme.dll.Config

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\uxtheme.dll

                    
                        C:\Windows\SysWOW64\uxtheme.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE.Local\

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984

                    
                        C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1110_none_a8625c1886757984

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\SystemResources\mapir.dll.mun

                    
                        C:\Program Files (x86)\Microsoft Office\root\Office16\imageres.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\imageres.dll

                    
                        C:\Windows\SysWOW64\imageres.dll

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\SystemResources\imageres.dll.mun

                    
                        C:\Windows\SystemResources\imageres.dll.mun

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df

                    
                        C:\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df\Comctl32.dll.mui

                    
                        C:\Windows\WinSxS\x86_microsoft.windows.c..-controls.resources_6595b64144ccf1df_6.0.19041.1_en-us_130e63d987a738df\Comctl32.dll.mui

                    
                        C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX86\Windows Defender\MpOAV.dll

                    
                        C:\Program Files (x86)\Windows Defender\MpOAV.dll

                    
                
            

        

        

            

                
            

        

        

            

                
                    
                        C:\Users\user\AppData\Local\Temp\Outlook Logging\OUTLOOK_16_0_16924_20150-20251206T2011440910-2160.etl

                    
                        C:\Users\user\AppData\Local\Temp\{C0284404-4C96-4C20-9901-21DB24609CF1} - OProcSessId.dat

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704637629400_C0284404-4C96-4C20-9901-21DB24609CF1.log

                    
                        C:\Users\user\AppData\Local\Temp\Diagnostics\OUTLOOK\App1765080704639042700_C0284404-4C96-4C20-9901-21DB24609CF1.log

                    
                        \Device\RasAcd

                    
                        C:\Users\user\AppData\Local\Microsoft\FORMS\FRMCACHE.DAT

                    
                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                    
                        C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-shm

                    
                
            

        

        

            

                
                
                C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Content\Anonymous\Insights.json

                
                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                
                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e0495fde257df2ef62ee7e3fdb1ebb9d7ff72300.tbres

                
                C:\Users\user\AppData\Local\Microsoft\Office\OTele\outlook.exe.db-journal

                
                C:\Users\user\AppData\Local\Microsoft\Outlook\mapisvc.inf

                
                
            

        

        

            

                
                
                HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000603xx

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Sorting\Ids

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\ClickToRun\OverRide

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\MID

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\PackageLockerPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\SoftGrid\4.5\Client\AppFS

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\c:\program files (x86)\microsoft office

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\Disabled

                
                HKEY_LOCAL_MACHINE\

                
                HKEY_LOCAL_MACHINE\Software

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\VirtualRegistry

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\AppV\Subsystem\VirtualRegistry\PassThroughPaths

                
                HKEY_LOCAL_MACHINE\SYSTEM\SELECT

                
                HKEY_LOCAL_MACHINE\SYSTEM\Select\Current

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\ComExclusions

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale

                
                HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale

                
                HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\Virtualized

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\RipcordFlightOn

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\ClickToRunStore\Packages

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\ClickToRunStore\Packages\{9AC08E99-230B-47e8-9721-4577B7F124EA}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\ClickToRunStore\Packages\{9AC08E99-230B-47e8-9721-4577B7F124EA}\JitV32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\filespaths\mso.dll

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths\mso.dll

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\Debug

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\Mail

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook

                
                HKEY_CURRENT_USER\Software\Policies

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud

                
                HKEY_CURRENT_USER\Software\Microsoft\Office

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\cloud\Office

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\6

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\Sampling

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office Test\Special\Perf

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\CountryCode

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo\SDXIdAndVersion

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Experiment\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\DevInstall

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\LabMachine

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\UpdateSupport\ExpiredBuild

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\AudienceId

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\ActiveConfiguration

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\8D3810A9-D4E0-49C6-A71B-357728C38039\culture\x-none.16

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\8D3810A9-D4E0-49C6-A71B-357728C38039\culture\x-none.16\StreamPackageUrl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ExperimentDogfood

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\Experiment

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\Overrides

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\outlook\Overrides

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\all\Overrides

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ExternalFeatureOverrides\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\outlook

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\Expires

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\outlook\BuildVersion

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\outlook\BuildVersion

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\outlook

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\outlook\Expires

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\VersionId

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\ChunkCount

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigIds

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ETag

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\MsoWerCrashDllPath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\MsoWerCrashDllPath

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Logging\Disable

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\SavedData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\Profile

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Logging

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\Static

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\MiniNT

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\MiniNT

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\HARDWARE\DESCRIPTION\System\CentralProcessor\0

                
                HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

                
                HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\TimeZoneInformation

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\Bias

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardName

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardBias

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardStart

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightName

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightBias

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightStart

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\(Default)

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerId

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerId

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerCorrelationId

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerCorrelationId

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerType

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerType

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\(Default)

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Ripcord

                
                HKEY_CURRENT_USER\Software\Classes

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\COM3

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\COM3

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\Com+Enabled

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0000034B-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\PackagedCom

                
                HKEY_LOCAL_MACHINE\Software\Classes\PackagedCom

                
                HKEY_CURRENT_USER

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001_Classes

                
                HKEY_LOCAL_MACHINE\Software\Classes

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Security

                
                HKEY_CLASSES_ROOT\CLSID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0000034b-0000-0000-c000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Components\09BD65EF0C92D944EBCC5005A7C78A31

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Components\09BD65EF0C92D944EBCC5005A7C78A31

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\09BD65EF0C92D944EBCC5005A7C78A31

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\09BD65EF0C92D944EBCC5005A7C78A31\olmapi32.dll

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Features\00006109F00000000000000000F01FEC

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Features\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109F00000000000000000F01FEC\OutlookMAPI2

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Features

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Features\OutlookMAPI2

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA2D04C3603A3FA4EA34935BE9AE482D

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA2D04C3603A3FA4EA34935BE9AE482D\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\117D1C94F47B6B64A81B89B9D63EB5E9

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\117D1C94F47B6B64A81B89B9D63EB5E9\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C21D511980CEC64F9D691A657F7ED30

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C21D511980CEC64F9D691A657F7ED30\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Control Panel\Cpls

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\mlcfg32.cpl

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A262E94032A0AC34F949C5D89CD4BD25

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A262E94032A0AC34F949C5D89CD4BD25\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Products\00006109F00000000000000000F01FEC

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Products\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Usage

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\OLE

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\OLE

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\MaxSxSHashCount

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\General

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AppRecoveryPingInterval

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Diagnostics

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\OutlookBootFlag

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\DoNotDisableAddinList

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\SoftResilientAddinList

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook\Resiliency

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Resiliency

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Outlook\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Preferences

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Preferences

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\Outlook

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Outlook\BootTimeout

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\BootTimeout

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Common\GOM

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Common\GOM\ComplexRanges

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Debug

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Debug

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo\PackageGUID

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-932793227-1321892499-785312009-1001\Components\0BC77486A266BF84FAE259379C82967F

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BC77486A266BF84FAE259379C82967F

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme\{90160000-000F-0000-0000-0000000FF1CE}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}\ClickToRun

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\ProductFiles

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\SKULanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredEditingLanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreviousPreferredEditingLanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackSource

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures\en-us

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackLanguages

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Components\1A705E72D3831594090DD020E37EFC1A

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Components\1A705E72D3831594090DD020E37EFC1A

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\1A705E72D3831594090DD020E37EFC1A

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredUILanguageTagPendingInstall

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\FollowSystemUILanguage

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\UILanguageInstallerFallbackOrder

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpFallbackLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageExplicit

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LanguagePackTag

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UILanguageTag

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageTag

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\ExeMode

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\EnabledLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LangTuneUp

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\AuthoringLanguageCloud

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\LocalCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache\RegionalAndLanguageSettingsAccount

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\InstallFonts

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Graphics\EnableWinCompBackEnd

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts\Windows.Foundation.UniversalApiContract

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\UBR

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Rpc\SecurityService

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService\DefaultAuthLevel

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Graphics

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Graphics

                
                HKEY_CURRENT_USER\Software\Microsoft\Direct3D

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\Drivers

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Size

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Name

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\DX6TextureEnumInclusionList

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor

                
                HKEY_CURRENT_USER\Software\Microsoft\DirectX\UserGpuPreferences

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE\00006109F00000000000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E\00006109F00000000000000000F01FEC

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\DocumentRecovery

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Resiliency

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Resiliency

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Resiliency\AddInList

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems\h0z

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UID

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProductReleaseIds

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProPlusRetail.TenantId

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50\00006109F00000000000000000F01FEC

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Resiliency\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\Security

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\EnableProcessAslrPolicy

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\IME

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\IME

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\CTF

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\Disable Thread Input Manager

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}\Enable

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}\Enable

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}\Enable

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}\Enable

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}\Enable

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}\Enable

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}\Enable

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}\Enable

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\LanguageProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}\Enable

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}\InsecureQI

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-932793227-1321892499-785312009-1001\Components\D115C6C22454C0E4590D504D0406232F

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D115C6C22454C0E4590D504D0406232F

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\OUTLOOKFiles

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\BypassMigration

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\OPWBypassMigration

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Office

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Outlook

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Common\Migration\Outlook

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\User Settings\

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\User Settings\

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Order

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\outexum

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\outexum\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Access_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Access_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Intl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Core

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Core\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Intl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Intl\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Count

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Count

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Migration

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Migration\InstallationPath

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Migration\Office

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Office\OfficeInstallationPath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\DisableTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteTelemetryEventsToNexus

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\MachineId

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Identity

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableOneAuth

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableExchangeOnPremModernAuth

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAuthentication

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableADAL

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\LiveIdServerToServiceParams

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\SpoServerToServiceParams

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\ADALServerToServiceParams

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\AadServerToServiceParams

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\AuthContextToServiceParams

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\BadgerServerToServiceParams

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ONetConfig

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ONetConfig

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ONetConfig

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\IdentityCRL

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ScriptRun

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Security

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\TrustLevel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\CustomAttributes

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\AppID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAADWAM

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Profiles

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\msoridShouldUseReauthRequestProxy

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\SpoAuthenticatorHeaderEnabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\IsOnRequestCompletedActivityEnabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableMSAWAM

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\IdentityRun

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Canary

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\OLicenseCleanup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\NoDomainUser

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountWamAad

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountCID

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters\ClientCacheSize

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LocalService

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ServiceParameters

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\RunAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ActivateAtStorage

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ROTFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\AppIDFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\MGOTFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ProcessMitigationPolicy

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LaunchPermission

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyAuthenticationLevel

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyImpersonationLevel

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\AuthenticationLevel

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\RemoteServerName

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\SRPTrustLevel

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\PreferredServerBitness

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LoadUserSettings

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ProtectionLevel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\Elevation

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InProcServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\InProcHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\DllSurrogate

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Policy\v4.0

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\InstallRoot

                
                HKEY_CURRENT_USER\Software\Microsoft\.NETFramework

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR

                
                Policy\Upgrades

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Policy\Upgrades

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\ErrorDialog

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Fod

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\FodConservativeMode

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Policies\Explorer

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\EnablePhoneOnlyAuth

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ConfigEnvironment

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AirDrop

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\Url

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Research\Translation

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Logging

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Logging

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\ViewerSettings

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ViewerSettings

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesXmlDir

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\outlook.exe_queried

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\outlook.exe_expiration

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\Debug

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\Debug

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToAsimov

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToFile

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\outlook.exe

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ULSQueueAbortThreshold

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\DeferredConfigs

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TrustCenter\Experimentation

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation\DisableFeatureRollout

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\ClientSamplingOverride

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableTelemetryGrf

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableServerReachability

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Roaming

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common\Roaming

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Roaming

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\SchemaVersion

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\LicensingNext

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common\Licensing

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Licensing

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InProcHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\CurrentControlSet\Control\GraphicsDrivers

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\GraphicsDrivers

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet\WebServiceCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\Session

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableOfficeBetaHeader

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\EnableHttpAccessTypeAutomaticProxy

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableConnectionReuse

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RetailDemo

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Permissions

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LicensingNext

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\ServicePlanFeatures

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ServicePlanFeatures

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Options\General

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\General

                
                HKEY_CURRENT_USER\Software\Microsoft\Shared

                
                HKEY_CURRENT_USER\Software\Microsoft\Shared\OfficeUILanguage

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\Common\ClientTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\SendTelemetry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SendTelemetryTime

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Privacy

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\FRESettingsMigrated

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Common\Privacy

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\ControllerConnectedServicesEnabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ControllerConnectedServicesStateTime

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\DeviceAccess

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\DisconnectedState

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserContentDisabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DownloadContentDisabled

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ConnectedExperiencesNoticeVersion

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalConnectedExperiencesNoticeVersion

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Threading

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ServerReachabilityTimeout

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\UseDeviceLevelConnectivity

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ActivationFilterOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\AlternateCLSID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEActiveXOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEJSOverride

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\UseAlternateOutlookAppUserModelId

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Fonts

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\Dwm

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Dwm

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\Dwm\DisallowNonDrawListRendering

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\IsVailContainer

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\GracefulExit\OUTLOOK

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-932793227-1321892499-785312009-1001\Components\820E548C190EE2442820125F695C950A

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\820E548C190EE2442820125F695C950A

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\EXCELFiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\FileFormatBallotBoxTelemetrySent

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbControl

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbOn

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbSysIcon

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbTips

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbST

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\NotificationsNeverShowAgainLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableBackgrounds

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\OSM

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\OSM

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\OSM

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\OSM

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\Language

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\EcsRequestPending

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Met

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Met

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\UI Theme

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Default UI Theme

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Default UI Theme

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\XAML

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\XAML

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\XAML\OneCoreTransformsEnabledByDefault

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize

                
                HKEY_CURRENT_USER\Control Panel\Colors

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WinHttpSecureProtocols

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Accent

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Personalization

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme

                
                HKEY_CLASSES_ROOT\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ValidationSinkHandlerName

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PrivacyDialogsDisabled

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\DLP

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\DLP

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\OPerfMon

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledCmdBarItemsList

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledCmdBarItemsList

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\DisabledCmdBarItemsList

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook\DisabledCmdBarItemsList

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledCmdBarItemsCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledCmdBarItemsCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\DisabledCmdBarItemsCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook\DisabledCmdBarItemsCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledShortcutKeysList

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledShortcutKeysList

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\DisabledShortcutKeysList

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook\DisabledShortcutKeysList

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledShortcutKeysCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Outlook\DisabledShortcutKeysCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\DisabledShortcutKeysCheckBoxes

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook\DisabledShortcutKeysCheckBoxes

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ConvertDocument

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915

                
                HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\ZoneMap\Ranges

                
                HKEY_LOCAL_MACHINE\ZoneMap\Ranges

                
                HKEY_CURRENT_USER\ZoneMap\Ranges

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001

                
                HKEY_LOCAL_MACHINE\Software\Policies

                
                HKEY_CURRENT_USER\Software

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\(Default)

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\outlook.exe

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Security

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\Setup

                
                HKEY_LOCAL_MACHINE\System\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Personalization\Insights

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Personalization\Insights

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\NetworkStatusCache

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride\{2C6C511D-4542-4E0C-95D0-05D4406032F2}

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Viewer

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\SubscriptionCustomerLicenseInfo

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\PerpetualLicenseInfo

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\FixedFormat

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FixedFormat

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\Labels

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\Labels

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Perf

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\PST

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SyncMode5

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\UseHVSocket

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PropertyBag

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PropertyBag

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders

                
                HKEY_USERS\.DEFAULT

                
                HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

                
                HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Default

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache

                
                HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSAPIforCrack

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\outlook.exe

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\outlook.exe

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableZlibDeflate

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FromCacheTimeout

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableKeepAlive

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IdnEnabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreConnectLimit

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreResolveLimit

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CacheMode

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableNegotiate

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBasicOverClearChannel

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisplayScriptDownloadFailureUI

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSServername

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UTF8ServerNameRes

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableReadRange

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketSendBufferLength

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketReceiveBufferLength

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\KeepAliveTimeout

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxHttpRedirects

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ServerInfoTimeout

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableNTLMPreAuth

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertCacheNoValidate

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HttpDefaultExpiryTimeSecs

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FtpDefaultExpiryTimeSecs

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LeashLegacyCookies

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendExtraCRLF

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MimeExclusionListForCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HeaderExclusionListForCache

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\dnscache

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableTokenBindingOverride

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEnabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEntries

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheTimeout

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnAlwaysOnPost

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnZoneCrossing

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnBadCertRecving

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AlwaysDrainOnRedirect

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\OutlookChangeInstallLanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ComposeFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ReplyFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\TextFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ComposeFontComplex

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ReplyFontComplex

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\TextFontComplex

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\LastUILanguage

                
                HKEY_CURRENT_USER\Control Panel\International\User Profile

                
                HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US

                
                HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US\TransientLangId

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Nls\CustomLocale

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\x-none

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Nls\ExtendedLocale

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\x-none

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BadProxyExpiresTime

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UseFirstAvailable

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CombineFalseStartData

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableFalseStartBlocklist

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp2Upgrade

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DuoProtocols

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableSpdyDebugAsserts

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost

                
                HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings

                
                HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\MigrateProxy

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\AutoProxyAutoLogonIfChallenged

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0

                
                HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1

                
                HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2

                
                HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3

                
                HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4

                
                HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\Options\Mail

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Options\Mail

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\Options\Calendar

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Options\Calendar

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\Calendar

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Cached Mode

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Cached Mode

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Profiles

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\15.0\Outlook\Profiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Deleted Profiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Deleted Offline Files

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\HasSovereignIdentity

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Exchange\Forms Registry

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\UseOfficeUIFont

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A\1033

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Features\00006109A10090400000000000F01FEC

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Features\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109A10090400000000000F01FEC\OutlookMessagingIntl_1033

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Features

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Features\OutlookMessagingIntl_1033

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0655061D28338FF4E8FEE03E09807EBD

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0655061D28338FF4E8FEE03E09807EBD\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Products\00006109A10090400000000000F01FEC

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Products\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Usage

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryAdapterName

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableAdapterDomainName

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseDomainNameDevolution

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PrioritizeRecordData

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PrioritizeRecordData

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AllowUnqualifiedQuery

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUnqualifiedQuery

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AppendToMultiLabelName

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenBadTlds

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenUnreachableServers

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenDefaultServers

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicServerQueryOrder

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterClusterIp

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\WaitForNameErrorOnAll

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseEdns

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsSecureNameQueryFallback

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDAForAllNetworks

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessQueryOrder

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryIpMatching

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseHostsFile

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AddrConfigControl

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartNameResolution

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PreferLocalOverLowerBindingDNS

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryNetBTFQDN

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartProtocolReordering

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UdpRecvBufferSize

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableParallelAandAAAA

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableCoalescing

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterVPNTrigger

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMultiHomedRouteConflicts

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ForceQueriesOverTcp

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShareTcpConnections

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationEnabled

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDynamicUpdate

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterPrimaryName

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterAdapterName

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableAdapterDomainNameRegistration

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterReverseLookup

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableReverseAddressRegistrations

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterWanAdapters

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableWanDynamicUpdate

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationTtl

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationTTL

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationRefreshInterval

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationRefreshInterval

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationMaxAddressCount

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\MaxNumberOfAddressesToRegister

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateSecurityLevel

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UpdateSecurityLevel

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateTopLevelDomainZones

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationOverwrite

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheSize

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheTtl

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AdapterTimeoutLimit

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ServerPriorityTimeLimit

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCachedSockets

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableServerUnreachability

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMulticast

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastResponderFlags

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderFlags

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderMaxTimeout

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMDNS

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsTest

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseCompartments

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\CacheAllCompartments

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseNewRegistration

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistration

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistrationOnly

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\NewDhcpSrvRegistration

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessPreferLocal

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableIdnEncoding

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableIdnMapping

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShortnameProxyDefault

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableNRPTForAdapterRegistration

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutHistoryLength

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutRecalculationInterval

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQueryTimeouts

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQueryTimeouts

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQuickQueryTimeouts

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQuickQueryTimeouts

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\Properties

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\EndDate

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\StartDate

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\FilePath

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseCategoryInfo

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\TrustLevel

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\Threading

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Permissions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\CustomAttributes

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseSKUInfo

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ExePath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\CommandLine

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\NetworkStatusCache\ecs.office.com

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ActivatableClasses

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ServerType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\AppId

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\FileIO

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FileIO

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ExplicitPsmActivationType

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\ThreadingModel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\Elevation

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Name

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParentFolder

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Description

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\RelativePath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InfoTip

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalizedName

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Icon

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Security

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResource

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResourceType

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalRedirectOnly

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Roamable

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PreCreate

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Stream

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PublishExpandedPath

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DefinitionFlags

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Attributes

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\FolderTypeID

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InitFolderHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PropertyBag

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PropertyBag

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ClickToRun\Inventory\Office\16.0

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Policy\Microsoft\Office\16.0\Outlook

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A\1033\NT

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\AuthN

                
                HKEY_CURRENT_USER\Software\Microsoft\AuthN

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\DisableExtensions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.Aad.AadWamExtension

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.Aad.AadWamExtension

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ProviderIds

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ExtensionType

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ExtensionCapabilities

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TokenBroker\TestHooks

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Public

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-932793227-1321892499-785312009-1001

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-932793227-1321892499-785312009-1001

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-932793227-1321892499-785312009-1001\ProfileImagePath

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData

                
                HKEY_CURRENT_USER\Volatile Environment

                
                HKEY_CURRENT_USER\Volatile Environment\1

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Server

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InProcHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry\CacheSyncCount

                
                HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies\0ff1ce15-a989-479d-af46-f275c6370663\Value

                
                HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies\0ff1ce15-a989-479d-af46-f275c6370663

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\DeferredCheckDisabled

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Wow6432Node\Microsoft\LanguageOverlay\OverlayPackages\en-US

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\LanguageOverlay\OverlayPackages\en-US

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\DESKTOP-SUAFK0F\ProPlusRetail.AttemptGetKey

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RemoveOOBE

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EligibleForExtendedGrace

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData\outlook.exe

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node

                
                HKEY_LOCAL_MACHINE\SOFTWARE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\DefaultUserEnviroment

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\LocalServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\Elevation

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{FE2F3D47-5D47-5499-8374-430C7CDA0204}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{FE2F3D47-5D47-5499-8374-430C7CDA0204}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{5DB5FA32-707C-5849-A06B-91C8EB9D10E8}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{5DB5FA32-707C-5849-A06B-91C8EB9D10E8}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{5DB5FA32-707C-5849-A06B-91C8EB9D10E8}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{09335560-6C6B-5A26-9348-97B781132B20}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{09335560-6C6B-5A26-9348-97B781132B20}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{09335560-6C6B-5A26-9348-97B781132B20}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{09335560-6C6B-5A26-9348-97B781132B20}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{09335560-6C6B-5A26-9348-97B781132B20}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\ThreadingModel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\AppID

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir

                
                HKEY_LOCAL_MACHINE\SOFTWARE\DefaultUserEnviroment

                
                HKEY_CURRENT_USER\Environment

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateOnHostFlags

                
                HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\00000000480728C5

                
                HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\00000000480728C5\FirstParty

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{00000035-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{00000035-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{00000035-0000-0000-C000-000000000046}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{00000035-0000-0000-C000-000000000046}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MiniNT

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagLevel

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagMatchAnyMask

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\#16

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\Ldap

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 1

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My\CTLs

                
                HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My

                
                HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\Certificates

                
                HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CRLs

                
                HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CTLs

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ADUserName

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutMSAUser

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1186\{00000000-0000-0000-0000-000000000000}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1170\{00000000-0000-0000-0000-000000000000}

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Audience

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Audience

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\OEM

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\OEM

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\OEM\DeviceForm

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation\SystemManufacturer

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation

                
                HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation\SystemProductName

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\TrustLevel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}\InsecureQI

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{22D2E146-1A68-40B8-949C-8FD848B415E6}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{22D2E146-1A68-40B8-949C-8FD848B415E6}\ProxyStubClsid32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{22D2E146-1A68-40B8-949C-8FD848B415E6}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{22D2E146-1A68-40B8-949C-8FD848B415E6}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\Volatile

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Volatile

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdSystemAuthenticator\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdSystemAuthenticator\Threading

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\Trace

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\IdentityCRL\Trace

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{05F9F2EC-5950-56F8-B7F8-22E20B984679}

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\DeviceId

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{05F9F2EC-5950-56F8-B7F8-22E20B984679}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\IdentityCRL\ClockData

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property\0018000D024F8B00

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocServer32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\MRUS\Profiles

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\MRUS\Office365

                
                HKEY_LOCAL_MACHINE\Software\FSLogix\Profiles

                
                HKEY_LOCAL_MACHINE\Software\Policies\FSLogix\ODFC

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableComingSoon

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Options\MSHTML\International

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\MSHTML\International

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\MSHTML\International\LastIEVersion

                
                HKEY_CURRENT_USER\XmlViewFlags

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\ViewSelectionCOLORREF

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\OutlookName

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\BrowserEmulationModeConfig

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OUTLOOK.EXE

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\outlook.exe

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Security\Internet Explorer\User Agent

                
                HKEY_LOCAL_MACHINE\Security\Internet Explorer\User Agent

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TrustCenter

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\EnableLogging

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Outlook

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable

                
                HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\AppID

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0006F020-0000-0000-C000-000000000046}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InProcServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InProcHandler32\(Default)

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\MapiObjectCacheAge

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\RPC

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\RPC

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Exchange\Client\Options

                
                HKEY_CURRENT_USER\Software\Microsoft\Exchange\Client\Options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\IgnoreOtherMapiSessions

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\RPC

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\Preferences

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Power

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Power

                
                HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\RenderForMonitorDpi

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Mapi

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Mapi\OutlookVersionLastIndexed

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\DefaultProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\8503020000000000c000000000000046

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\8503020000000000c000000000000046\0102300b

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\CancelRPC

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\CancelRPC

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Outlook\CancelRPC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Outlook\CancelRPC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Exchange\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0413

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0412

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\Options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\DisableCreateServices

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-932793227-1321892499-785312009-1001\Installer\Components\F1291BD604B860441AB89E60BDEE0F9C

                
                HKEY_USERS\S-1-5-21-932793227-1321892499-785312009-1001\Software\Microsoft\Installer\Components\F1291BD604B860441AB89E60BDEE0F9C

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\F1291BD604B860441AB89E60BDEE0F9C

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\F1291BD604B860441AB89E60BDEE0F9C\1033\NT

                
                HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109A10090400000000000F01FEC\OutlookMAPI2Intl_1033

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Features\OutlookMAPI2Intl_1033

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A96E51B0B5C25E443B7D9192B592AFA9

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A96E51B0B5C25E443B7D9192B592AFA9\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF1555CB0248D304997DE1CA911196AE

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF1555CB0248D304997DE1CA911196AE\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82DB74ACBB5B12042926FA29069E0E10

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82DB74ACBB5B12042926FA29069E0E10\00006109A10090400000000000F01FEC

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows Messaging Subsystem

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows Messaging Subsystem\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Messaging Subsystem

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows Messaging Subsystem\CMCDLLNAME32

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d13

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\101e3d0f

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0b

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\00033009

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f300a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3d13

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033e03

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3006

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01023d0c

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033009

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\11023d05

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d11

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d01

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d01

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d00

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d02

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d08

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d0e

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d00

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d02

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0d

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d0a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d0b

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d0d

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001e3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001e3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001f3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d15

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d08

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0e

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d15

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0102300c

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3006

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e300a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01020ff6

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01023d15

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01026601

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0340

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\01023d15

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0c

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\101f3d0f

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01020ff6

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\000b3d18

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Setup

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Outlook\Setup\UpdateProfiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\UpdateProfiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\MigratePrefs

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\EnableWIP

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableEDPIsIdentityManagedGate

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\AutoDisc

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d13

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\DisableOutlookAB

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0003660a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\000b6602

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030429

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\ProfileBeingOpened

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030455

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Outlook\AllowedNamedProps

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\AllowedNamedProps

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\0003036f

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030397

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\AppID

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ed475410-b0d6-11d2-8c3b-00104b2a6676}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ed475410-b0d6-11d2-8c3b-00104b2a6676}\InsecureQI

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475418-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\LastChangeVer

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475419-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475420-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001f3001

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{ed475414-b0d6-11d2-8c3b-00104b2a6676}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ed475414-b0d6-11d2-8c3b-00104b2a6676}\InsecureQI

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\CounterLock

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\NextAccountID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\clsid

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Mini UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Include in Download

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Migration Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Is Account Disabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\New Signature

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Reply-Forward Signature

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Delivery Store EntryID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Delivery Folder EntryID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Service UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Preferences UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Auth Identity UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account Home Realm Discovery Identity

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Service Name

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\MAPI Provider

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Identity Eid

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\XP Status

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\XP Provider UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account Name

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0003300d

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\b17d809605e8554093abe24c7fdc4083

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\b17d809605e8554093abe24c7fdc4083\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\Version

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\Cached Mode

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\5a835b5131048343a7e9c42aba1a2940

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\5a835b5131048343a7e9c42aba1a2940\000b6601

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\DisableOffice365SimplifiedAccountCreation

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\AutoDiscover

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\CantBootResolution

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontLink\SystemLink

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Tahoma

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Tahoma

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI Light

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI Light

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Segoe UI

                
                HKEY_CURRENT_USER\Control Panel\Desktop

                
                HKEY_CURRENT_USER\Control Panel\Desktop\CaretWidth

                
                HKEY_CURRENT_USER\Control Panel\Desktop\CursorBlinkRate

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivationType

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Server

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\DllPath

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Threading

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\TrustLevel

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\CustomAttributes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\RemoteServer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateAsUser

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateInSharedBroker

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateInBrokerForMediumILContainer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Permissions

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{00000160-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{00000160-0000-0000-C000-000000000046}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{00000160-0000-0000-C000-000000000046}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\Ole\Extensions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions\DragDropExtension

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Outlook\options

                
                HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\options

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\options\DisableO365

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Shell Dlg 2

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastSyncTimeOutlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\OUTLOOK.EXE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\EnableAnchorContext

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590f811-1d3a-11d0-891f-00aa004b2e24}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590f811-1d3a-11d0-891f-00aa004b2e24}\InsecureQI

                
                HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSClient

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Domain

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalService

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ServiceParameters

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RunAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateAtStorage

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ROTFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppIDFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\MGOTFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProcessMitigationPolicy

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LaunchPermission

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AuthenticationLevel

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RemoteServerName

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\SRPTrustLevel

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\PreferredServerBitness

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LoadUserSettings

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProtectionLevel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\DllSurrogate

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security\NoOleLoadFromStreamChecks

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en

                
                HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\AMSI\Providers

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\AMSI\Providers

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\AMSI

                
                HKEY_LOCAL_MACHINE\Software\Microsoft\AMSI

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\AMSI\FeatureBits

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcHandler

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\ActivateOnHostFlags

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\AppID

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation

                
                HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)

                
                HKEY_CURRENT_USER\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}

                
                HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32

                
                HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\Compatibility\AppCompatClassName

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\AppCompatClassName

                
                HKEY_CURRENT_USER\Software\Microsoft\CTF\DirectSwitchHotkeys

                
                HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\ApplicationFlags

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft

                
                HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\(Default)

                
                HKEY_LOCAL_MACHINE\Software\Microsoft

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockData

                
                HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\DeviceTicket

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\GlobalDeviceUpdateTime

                
                HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockSkew

                
                
            

        

        

            

                
                    
                        HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000603xx

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\MID

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\PackageLockerPath

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\c:\program files (x86)\microsoft office

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\AppV\Subsystem\VirtualRegistry\PassThroughPaths

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\Select\Current

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\RipcordFlightOn

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\ClickToRunStore\Packages\{9AC08E99-230B-47e8-9721-4577B7F124EA}\JitV32

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\filespaths\mso.dll

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths\mso.dll

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\6

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\CountryCode

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo\SDXIdAndVersion

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\DevInstall

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\LabMachine

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\AudienceId

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\ActiveConfiguration

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\8D3810A9-D4E0-49C6-A71B-357728C38039\culture\x-none.16\StreamPackageUrl

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\Expires

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\outlook\BuildVersion

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\outlook\BuildVersion

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\outlook\Expires

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\VersionId

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\ChunkCount

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData\0

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigIds

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ETag

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\MsoWerCrashDllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\MsoWerCrashDllPath

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\Profile

                    
                        HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\Bias

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardName

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardBias

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardStart

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightName

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightBias

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\DaylightStart

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerId

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerId

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerCorrelationId

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerCorrelationId

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\ContainerType

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ContainerType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\Com+Enabled

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\09BD65EF0C92D944EBCC5005A7C78A31\olmapi32.dll

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109F00000000000000000F01FEC\OutlookMAPI2

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F00000000000000000F01FEC\Features\OutlookMAPI2

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA2D04C3603A3FA4EA34935BE9AE482D\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\117D1C94F47B6B64A81B89B9D63EB5E9\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C21D511980CEC64F9D691A657F7ED30\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Control Panel\Cpls\mlcfg32.cpl

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A262E94032A0AC34F949C5D89CD4BD25\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\MaxSxSHashCount

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AppRecoveryPingInterval

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Outlook\BootTimeout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Outlook\BootTimeout

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo\PackageGUID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme\{90160000-000F-0000-0000-0000000FF1CE}

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}\ClickToRun

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\ProductFiles

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\SKULanguage

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredEditingLanguage

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreviousPreferredEditingLanguage

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackSource

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures\en-us

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackLanguages

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredUILanguageTagPendingInstall

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\FollowSystemUILanguage

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\UILanguageInstallerFallbackOrder

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpFallbackLanguages

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageExplicit

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LanguagePackTag

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UILanguageTag

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageTag

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\ExeMode

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LangTuneUp

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\AuthoringLanguageCloud

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache\RegionalAndLanguageSettingsAccount

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\InstallFonts

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts\Windows.Foundation.UniversalApiContract

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\UBR

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService\DefaultAuthLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Size

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Name

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE\00006109F00000000000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E\00006109F00000000000000000F01FEC

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems\h0z

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UID

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProductReleaseIds

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProPlusRetail.TenantId

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50\00006109F00000000000000000F01FEC

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\EnableProcessAslrPolicy

                    
                        HKEY_CURRENT_USER\Software\Microsoft\CTF\Disable Thread Input Manager

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}\Enable

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}\InsecureQI

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\OUTLOOKFiles

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Order

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToIEAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\outexum\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Access_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Ace_OdbcCurrentUser\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Core\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Word_Intl\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Count

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Count

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Migration\InstallationPath

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Office\OfficeInstallationPath

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\DisableTelemetry

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteTelemetryEventsToNexus

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\MachineId

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableOneAuth

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableExchangeOnPremModernAuth

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAuthentication

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableADAL

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\AppID

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAADWAM

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\msoridShouldUseReauthRequestProxy

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\SpoAuthenticatorHeaderEnabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\IsOnRequestCompletedActivityEnabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableMSAWAM

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\IdentityRun

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Canary

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\NoDomainUser

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountWamAad

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountCID

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters\ClientCacheSize

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A47979D2-C419-11D9-A5B4-001185AD2B89}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LocalService

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ServiceParameters

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\RunAs

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ActivateAtStorage

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ROTFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\AppIDFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\MGOTFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ProcessMitigationPolicy

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LaunchPermission

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyAuthenticationLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyImpersonationLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\AuthenticationLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\RemoteServerName

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\SRPTrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\PreferredServerBitness

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\LoadUserSettings

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\ProtectionLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{C96887DA-A652-4426-905E-4A37546F847C}\DllSurrogate

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\InstallRoot

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\ErrorDialog

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Fod

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\FodConservativeMode

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\EnablePhoneOnlyAuth

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ConfigEnvironment

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\Url

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesXmlDir

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\outlook.exe_queried

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\outlook.exe_expiration

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToAsimov

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToFile

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ULSQueueAbortThreshold

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\DeferredConfigs

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation\DisableFeatureRollout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\ClientSamplingOverride

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableTelemetryGrf

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableServerReachability

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\SchemaVersion

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\Session

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableOfficeBetaHeader

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\EnableHttpAccessTypeAutomaticProxy

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableConnectionReuse

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RetailDemo

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.System.Profile.RetailInfo\Permissions

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Shared\OfficeUILanguage

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\SendTelemetry

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SendTelemetryTime

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\FRESettingsMigrated

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\ControllerConnectedServicesEnabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ControllerConnectedServicesStateTime

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\DisconnectedState

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserContentDisabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DownloadContentDisabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ConnectedExperiencesNoticeVersion

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalConnectedExperiencesNoticeVersion

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.Composition.Core.CompositorController\ActivateOnHostFlags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ServerReachabilityTimeout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\UseDeviceLevelConnectivity

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ActivationFilterOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\AlternateCLSID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEActiveXOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEJSOverride

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\UseAlternateOutlookAppUserModelId

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsVersion

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\Dwm\DisallowNonDrawListRendering

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\IsVailContainer

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160\0

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\EXCELFiles

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\FileFormatBallotBoxTelemetrySent

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbControl

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbOn

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbSysIcon

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbTips

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AcbST

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\NotificationsNeverShowAgainLanguages

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableBackgrounds

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\EcsRequestPending

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\UI Theme

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Default UI Theme

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Default UI Theme

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UISettings\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\XAML\OneCoreTransformsEnabledByDefault

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\ThreadingModel

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WinHttpSecureProtocols

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\AppID

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ValidationSinkHandlerName

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PrivacyDialogsDisabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ConvertDocument

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\(Default)

                    
                        HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\outlook.exe

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride\{2C6C511D-4542-4E0C-95D0-05D4406032F2}

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Viewer

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp\Outlook

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\SubscriptionCustomerLicenseInfo

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\PerpetualLicenseInfo

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SyncMode5

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\UseHVSocket

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler

                    
                        HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Default

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache

                    
                        HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSAPIforCrack

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\outlook.exe

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\outlook.exe

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableZlibDeflate

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FromCacheTimeout

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableKeepAlive

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IdnEnabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreConnectLimit

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreResolveLimit

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CacheMode

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableNegotiate

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBasicOverClearChannel

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisplayScriptDownloadFailureUI

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSServername

                    
                        HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UTF8ServerNameRes

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableReadRange

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketSendBufferLength

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketReceiveBufferLength

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\KeepAliveTimeout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxHttpRedirects

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ServerInfoTimeout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableNTLMPreAuth

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertCacheNoValidate

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HttpDefaultExpiryTimeSecs

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FtpDefaultExpiryTimeSecs

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LeashLegacyCookies

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendExtraCRLF

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MimeExclusionListForCache

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HeaderExclusionListForCache

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableTokenBindingOverride

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEnabled

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEntries

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheTimeout

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnAlwaysOnPost

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnZoneCrossing

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnBadCertRecving

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AlwaysDrainOnRedirect

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\OutlookChangeInstallLanguage

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\LastUILanguage

                    
                        HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US\TransientLangId

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\x-none

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\x-none

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BadProxyExpiresTime

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UseFirstAvailable

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CombineFalseStartData

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableFalseStartBlocklist

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp2Upgrade

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DuoProtocols

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableSpdyDebugAsserts

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost

                    
                        HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\MigrateProxy

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\AutoProxyAutoLogonIfChallenged

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\HasSovereignIdentity

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\UseOfficeUIFont

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A\1033

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109A10090400000000000F01FEC\OutlookMessagingIntl_1033

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Features\OutlookMessagingIntl_1033

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0655061D28338FF4E8FEE03E09807EBD\00006109A10090400000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryAdapterName

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableAdapterDomainName

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseDomainNameDevolution

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PrioritizeRecordData

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PrioritizeRecordData

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AllowUnqualifiedQuery

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUnqualifiedQuery

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AppendToMultiLabelName

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenBadTlds

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenUnreachableServers

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenDefaultServers

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicServerQueryOrder

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterClusterIp

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\WaitForNameErrorOnAll

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseEdns

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsSecureNameQueryFallback

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDAForAllNetworks

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessQueryOrder

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryIpMatching

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseHostsFile

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AddrConfigControl

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartNameResolution

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PreferLocalOverLowerBindingDNS

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryNetBTFQDN

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartProtocolReordering

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UdpRecvBufferSize

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableParallelAandAAAA

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableCoalescing

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterVPNTrigger

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMultiHomedRouteConflicts

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ForceQueriesOverTcp

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShareTcpConnections

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationEnabled

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDynamicUpdate

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterPrimaryName

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterAdapterName

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableAdapterDomainNameRegistration

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterReverseLookup

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableReverseAddressRegistrations

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterWanAdapters

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableWanDynamicUpdate

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationTtl

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationTTL

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationRefreshInterval

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationRefreshInterval

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationMaxAddressCount

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\MaxNumberOfAddressesToRegister

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateSecurityLevel

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UpdateSecurityLevel

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateTopLevelDomainZones

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationOverwrite

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheSize

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheTtl

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AdapterTimeoutLimit

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ServerPriorityTimeLimit

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCachedSockets

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableServerUnreachability

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMulticast

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastResponderFlags

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderFlags

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderMaxTimeout

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMDNS

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsTest

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseCompartments

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\CacheAllCompartments

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseNewRegistration

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistration

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistrationOnly

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\NewDhcpSrvRegistration

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessPreferLocal

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableIdnEncoding

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableIdnMapping

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShortnameProxyDefault

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableNRPTForAdapterRegistration

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutHistoryLength

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutRecalculationInterval

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQueryTimeouts

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQueryTimeouts

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQuickQueryTimeouts

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQuickQueryTimeouts

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\Properties

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\EndDate

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\StartDate

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\FilePath

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\Language

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseCategoryInfo

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\TrustLevel

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseSKUInfo

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.TokenBrokerInternal\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ExePath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\CommandLine

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ActivatableClasses

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ServerType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\AppId

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\TokenBroker\ExplicitPsmActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{07650A66-66EA-489D-AA90-0DABC75F3567}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Name

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParentFolder

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Description

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\RelativePath

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InfoTip

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalizedName

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Icon

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Security

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResource

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResourceType

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalRedirectOnly

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Roamable

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PreCreate

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Stream

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PublishExpandedPath

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DefinitionFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Attributes

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\FolderTypeID

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InitFolderHandler

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Web.WamProviderRegistration\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\B5BE92CC2CB71D119A12000A9CE1A22A\1033\NT

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequest\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\DisableExtensions

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ProviderIds

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ExtensionType

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ExtensionCapabilities

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Public

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-932793227-1321892499-785312009-1001\ProfileImagePath

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\AppData

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.ValueSet\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.PropertyValue\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F1C46D71-B791-4110-8D5C-7108F22C1010}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32\(Default)

                    
                        HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry\CacheSyncCount

                    
                        HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\Policies\0ff1ce15-a989-479d-af46-f275c6370663\Value

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\DeferredCheckDisabled

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonObject\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonValue\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\DESKTOP-SUAFK0F\ProPlusRetail.AttemptGetKey

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RemoveOOBE

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EligibleForExtendedGrace

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1B0D3570-0877-5EC2-8A2C-3B9539506ACA}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{11659A23-5884-4D1B-9CF6-67D6F4F90B36}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{FE2F3D47-5D47-5499-8374-430C7CDA0204}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\AppID

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtension\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateOnHostFlags

                    
                        HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\00000000480728C5\FirstParty

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Data.Json.JsonArray\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagLevel

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagMatchAnyMask

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ADUserName

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutMSAUser

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\BuildLabEx

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\OEM\DeviceForm

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation\SystemManufacturer

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SystemInformation\SystemProductName

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Networking.Connectivity.NetworkInformation\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}\InsecureQI

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2ABC0864-9677-42E5-882A-D415C556C284}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{22D2E146-1A68-40B8-949C-8FD848B415E6}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdSystemAuthenticator\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdSystemAuthenticator\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.OnlineId.OnlineIdServiceTicketRequest\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.SystemAuthenticatorInternal\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.WebAuthentication.AuthenticationManager\ActivateOnHostFlags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\DeviceId

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Property\0018000D024F8B00

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableComingSoon

                    
                        HKEY_CURRENT_USER\XmlViewFlags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\ViewSelectionCOLORREF

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\OutlookName

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\BrowserEmulationModeConfig

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OUTLOOK.EXE

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\outlook.exe

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\EnableLogging

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InprocHandler32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable

                    
                        HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\LocalServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0006F020-0000-0000-C000-000000000046}\InProcHandler32\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\MapiObjectCacheAge

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\IgnoreOtherMapiSessions

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\RenderForMonitorDpi

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\DefaultProfile

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\DisableCreateServices

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\F1291BD604B860441AB89E60BDEE0F9C\1033\NT

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Installer\Features\00006109A10090400000000000F01FEC\OutlookMAPI2Intl_1033

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109A10090400000000000F01FEC\Features\OutlookMAPI2Intl_1033

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A96E51B0B5C25E443B7D9192B592AFA9\00006109A10090400000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF1555CB0248D304997DE1CA911196AE\00006109A10090400000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82DB74ACBB5B12042926FA29069E0E10\00006109A10090400000000000F01FEC

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows Messaging Subsystem\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows Messaging Subsystem\CMCDLLNAME32

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\11023d05

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d11

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d01

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d00

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d02

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d08

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d0e

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d01

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d00

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d02

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0d

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d0a

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0a

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d0b

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0b

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d0d

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001e3001

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001e3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001f3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d15

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d08

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0e

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3001

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3001

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d15

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0102300c

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3001

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3001

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3006

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3006

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e300a

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f300a

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033e03

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033009

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01023d0c

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001e3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3d09

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01020ff6

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01023d15

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01026601

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\01023d15

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d0c

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\00033009

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\101f3d0f

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\101e3d0f

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01020ff6

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\000b3d18

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Outlook\Setup\UpdateProfiles

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\MigratePrefs

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\EnableWIP

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableEDPIsIdentityManagedGate

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateOnHostFlags

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001e3d13

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d13

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\DisableOutlookAB

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0003660a

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\000b6602

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030429

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\ProfileBeingOpened

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030455

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\0003036f

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030397

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475410-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ed475410-b0d6-11d2-8c3b-00104b2a6676}\InsecureQI

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475418-B0D6-11D2-8C3B-00104B2A6676}

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\LastChangeVer

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475419-B0D6-11D2-8C3B-00104B2A6676}

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475420-B0D6-11D2-8C3B-00104B2A6676}

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\001f3001

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ED475414-B0D6-11D2-8C3B-00104B2A6676}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{ed475414-b0d6-11d2-8c3b-00104b2a6676}\InsecureQI

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\NextAccountID

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\0003300d

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\Version

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\5a835b5131048343a7e9c42aba1a2940\000b6601

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\DisableOffice365SimplifiedAccountCreation

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\OutlookBootFlag

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\CantBootResolution

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\Disable

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\DataStore_V1.0\DataFilePath

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane1

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane3

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane4

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane5

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane6

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane7

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane8

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane9

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane10

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane11

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane12

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane13

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane14

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane15

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane16

                    
                        HKEY_CURRENT_USER\Control Panel\Desktop\CaretWidth

                    
                        HKEY_CURRENT_USER\Control Panel\Desktop\CursorBlinkRate

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivationType

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Server

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\DllPath

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Threading

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\TrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\RemoteServer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateAsUser

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateInSharedBroker

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateInBrokerForMediumILContainer

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\Permissions

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Globalization.Language\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions\DragDropExtension

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\options\DisableO365

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\MS Shell Dlg 2

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastSyncTimeOutlook

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\(Default)

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\EnableAnchorContext

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext

                    
                        HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\FontSubstitutes\Segoe UI

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590f811-1d3a-11d0-891f-00aa004b2e24}\InsecureQI

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Domain

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalService

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ServiceParameters

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RunAs

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateAtStorage

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ROTFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppIDFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\MGOTFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProcessMitigationPolicy

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LaunchPermission

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AuthenticationLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RemoteServerName

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\SRPTrustLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\PreferredServerBitness

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LoadUserSettings

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProtectionLevel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\DllSurrogate

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security\NoOleLoadFromStreamChecks

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en

                    
                        HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\AMSI\FeatureBits

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\ActivateOnHostFlags

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\AppID

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)

                    
                        HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)

                    
                        HKEY_CURRENT_USER\Control Panel\Desktop\SmoothScroll

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewAlphaSelect

                    
                        HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ListviewShadow

                    
                        HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\ApplicationFlags

                    
                        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\(Default)

                    
                        HKEY_CURRENT_USER\Software\Microsoft\IdentityCRL\Immersive\production\Token\{2B379600-B42B-4FE9-A59C-A312FB934935}\DeviceTicket

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\GlobalDeviceUpdateTime

                    
                        HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ClockSkew

                    
                
            

        

        

            

                
                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\6

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\outlook\Overrides

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ExternalFeatureOverrides\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\outlook\ConfigContextData

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\OUTLOOK\2160\0

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Logging\(Default)

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\OutlookBootFlag

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Resiliency\StartupItems\h0z

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\Language

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\EcsRequestPending

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet

                
                HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\outlook\SubscriptionCustomerLicenseInfo

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\OutlookChangeInstallLanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\LastUILanguage

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--syslcid=1033&build=16.0.16924&crev=3\0\StartDate

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Exchange\Forms Registry\CacheSyncCount

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData\outlook.exe

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\MSHTML\International

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\MSHTML\International\LastIEVersion

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\ViewSelectionCOLORREF

                
                HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\OUTLOOK.EXE

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\BrowserEmulationModeConfig

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Mapi

                
                HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Mapi\OutlookVersionLastIndexed

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\DefaultProfile

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\8503020000000000c000000000000046

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\8503020000000000c000000000000046\0102300b

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\13dbb0c8aa05101a9bb000aa002fc45a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0413

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0412

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d13

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\101e3d0f

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d0b

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\00033009

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f300a

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3d13

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033e03

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3006

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01023d0c

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3d09

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\00033009

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d11

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\1f0c9b68f3d1f74f9fbcf32f572069d8\01023d01

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d01

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9207f3e0a3b11019908b08002b2a56c2\01023d0e

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\a508edb2cc4f434fa13bc860820ef026\01026601

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\000b0340

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Setup\UpdateProfiles

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030429

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\ProfileBeingOpened

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\0a0d020000000000c000000000000046\00030397

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475418-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\LastChangeVer

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475419-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\{ED475420-B0D6-11D2-8C3B-00104B2A6676}

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\CounterLock

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\NextAccountID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\clsid

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Mini UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Service UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Service Name

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\MAPI Provider

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account Name

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Preferences UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\b17d809605e8554093abe24c7fdc4083

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\b17d809605e8554093abe24c7fdc4083\001f3001

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\Version

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\5a835b5131048343a7e9c42aba1a2940

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Diagnostics\BootDiagnosticsData\CantBootResolution

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings

                
                
            

        

        

            

                
                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ComposeFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ReplyFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\TextFontSimple

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ComposeFontComplex

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\ReplyFontComplex

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MailSettings\TextFontComplex

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Include in Download

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Migration Flags

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Is Account Disabled

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\New Signature

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Reply-Forward Signature

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Delivery Store EntryID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Delivery Folder EntryID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Preferences UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Auth Identity UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account UID

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Account Home Realm Discovery Identity

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\Identity Eid

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\XP Status

                
                HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001\XP Provider UID

                
                
            

        

        

            

                
            

        

        

            

                
            

        

        

            

                
                
                Global\ClickToRunPackageLocker

                
                Local\SM0:2160:168:WilStaging_02

                
                Local\_outlook_mutex_

                
                Local\_outlook_keepalive_

                
                Office16.B1E641B5-F92B-4B82-83B7-10DC868435E8

                
                Office.16.916BB0BF-2D21-4499-83C7-555DB4C3F8E8

                
                Local\10MU_ACBPIDS_S-1-5-5-0-203751

                
                Local\10MU_ACB10_S-1-5-5-0-203751

                
                Local\SessionImmersiveColorMutex

                
                Local\ZonesCacheCounterMutex

                
                Local\ZonesLockedCacheCounterMutex

                
                {540C3015-CFCF-4C7C-85E7-E18AD81E4A31}16ContentAnonymousInsights.json

                
                Global\552FFA80-3393-423d-8671-7BA046BB5906

                
                _ClassificationAuditCacheMutex_

                
                Local\OfficeSharedLocks_SharedHeap_Pages_00_S-1-5-21-932793227-1321892499-785312009-1001

                
                Local\OfficeSharedLocks_SharedHeap_BootMutex_00_S-1-5-21-932793227-1321892499-785312009-1001

                
                Local\SM0:2160:64:WilError_03

                
                Local\OLKCRPC.OBJ=SharedMemoryMutex_S-1-5-21-932793227-1321892499-785312009-1001

                
                Local\4F75746C6F6F6B1F0C9B68F3D1F74F9FBCF32F572069D8_S-1-5-21-932793227-1321892499-785312009-1001

                
                Local\4D4150494C6F676F6E0070B872C47FD7101B8BEA00AA0038C699_S-1-5-21-932793227-1321892499-785312009-1001

                
                Local\F99C425F-9135-43ed-BD7D-396DE488DC53_Office16

                
                Local\MSCTF.Asm.MutexDefault1

                
                CicLoadWinStaWinSta0

                
                Local\MSCTF.CtfMonitorInstMutexDefault1

                
                
            

        

        

            

                
            

        

        

            

                
            

        

        

            

                
                
No results

                
            

        

    






    

    

        
    
Sorry! No behavior.



    

    

        

    
    
Sorry! No tracee.

    


    

    

        
    
Sorry! No strace.



    

    

        

    
    
Sorry! No tracee.

    


    

    

        
    
    

        

    
        
No hosts contacted.

    




        



    
        
No TCP connections recorded.

    





        



    
        
No UDP connections recorded.

    




        

    
        
No domains contacted.

    




        
HTTP Requests


    
No HTTP(s) requests performed.




        
SMTP traffic



No SMTP traffic performed.




        
IRC traffic



No IRC requests performed.




        


No ICMP traffic performed.




        

    
CIF Results

    
        
No CIF Results

    




        

    
Suricata Alerts

    
        
No Suricata Alerts

    




        

    
Suricata TLS

    
        
No Suricata TLS

    




        

    
Suricata HTTP

    
        
No Suricata HTTP

    




        

    
Sorry! No Suricata Extracted files.




    


    

    

         



    
Sorry! No dropped files.



    

    
    

         


    
Sorry! No process dumps.