cnquery
Support loading windows user registry hive directly from ntuser.dat file
Is your feature request related to a problem? Please describe.
All the checks that rely on registry values being set under HKEY_USERS\{SID} can effectively only work when a user is "logged in", i.e. their hive is "loaded". Once a user logs out, all entries under HKEY_USERS\{SID} are "unloaded".

Some customers have Windows systems where users aren't logged in at scan time, so all of these checks will not produce any results.

If we could load the user hive from NTUSER.DAT on our own, we could run the checks without having to rely on a user being logged in. Windows essentially loads C:\Users\<username>\ntuser.dat on login too, so we'd be doing the same.
Describe the solution you'd like
Ideally this would extend the registry resource, maybe under a different property? Something that can load ntuser.dat for each user?

Describe alternatives you've considered
There isn't really an alternative to this, other than having checks fail or return no result.
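For reference, this is what the requested behaviour looks like when done by hand in PowerShell; it is an added example, not cnquery code. It maps SIDs to profile directories via ProfileList, reads the live HKEY_USERS hive when a user is logged in, and otherwise loads that user's NTUSER.DAT under a temporary key, reads one value and unloads it again. The policy key, value name and the "cnq_" mount prefix are assumptions chosen for illustration.

```powershell
# Added example, not cnquery code: map local profiles to their NTUSER.DAT,
# load each file under a temporary HKEY_USERS subkey, read one value and
# unload again. Requires an elevated shell. The key/value below is an
# assumed example of a per-user setting a check might read.
$ExampleKey   = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ExampleValue = 'NoDriveTypeAutoRun'

function Get-OfflineUserValue {
    param([string]$Sid, [string]$HivePath, [string]$SubKey, [string]$Name)
    # Temporary mount point name derived from the SID (hypothetical prefix).
    $mount = "HKU\cnq_$($Sid -replace '[^A-Za-z0-9]', '')"
    $out = & reg.exe load $mount $HivePath 2>&1
    if ($LASTEXITCODE -ne 0) { throw "reg load failed for ${HivePath}: $out" }
    try {
        $item = Get-ItemProperty -Path "Registry::$mount\$SubKey" -Name $Name -ErrorAction SilentlyContinue
        if ($null -ne $item) { $item.$Name }
    }
    finally {
        # Drop provider handles first, otherwise 'reg unload' reports access denied.
        $item = $null; [GC]::Collect(); [GC]::WaitForPendingFinalizers()
        & reg.exe unload $mount | Out-Null
    }
}

# ProfileList maps SIDs to profile directories; S-1-5-21-* are real accounts.
$profiles = Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList' |
    Where-Object { $_.PSChildName -match '^S-1-5-21-' }

foreach ($p in $profiles) {
    $sid  = $p.PSChildName
    $dir  = (Get-ItemProperty -Path $p.PSPath).ProfileImagePath  # REG_EXPAND_SZ, expanded by provider
    $hive = Join-Path $dir 'NTUSER.DAT'
    if (Test-Path "Registry::HKEY_USERS\$sid") {
        # Hive already loaded (user logged in): read it in place, like today's checks.
        $val = (Get-ItemProperty -Path "Registry::HKEY_USERS\$sid\$ExampleKey" -Name $ExampleValue -ErrorAction SilentlyContinue).$ExampleValue
        $src = 'live'
    } elseif (Test-Path $hive) {
        $val = Get-OfflineUserValue -Sid $sid -HivePath $hive -SubKey $ExampleKey -Name $ExampleValue
        $src = 'ntuser.dat'
    } else { continue }
    if ($null -eq $val) { $val = '<not set>' }
    '{0,-46} {1,-10} {2}' -f $sid, $src, $val
}
```

The unload step is the part that usually bites: any open registry provider handle keeps the hive busy, so the garbage-collect before reg unload is deliberate.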