Can SekChek analyse Registry keys and NTFS permissions?
Yes.
SekChek can report on values for System Registry keys and analyse DACLs (Discretionary Access Control Lists) and SACLs (System Access Control Lists) for files and directories.
You do this by defining the list of the Registry keys, and the names of the files and directories you want to analyse in file sekchek.inp. See SekChek for Windows Scan instructions for details.