'
metaflows logo
Category Started On Completed On Duration Cuckoo Version
FILE 2016-12-08 09:50:57.188725 2016-12-08 09:53:41.697574 164 seconds 2.0-dev
Machine Label Manager Started On Shutdown On
win7cuckoo2 win7 Clone 2 VirtualBox 2016-12-08 09:51:00 2016-12-08 09:53:40

File Details

File name f319b4adedfb1b758da936112e7d12b1f91f94b7.exe
File size 2587440 bytes
File type PE32 executable for MS Windows (GUI) Intel 80386 32-bit
CRC32 097F5246
MD5 87ef69e9f254391f306620974d906720
SHA1 f319b4adedfb1b758da936112e7d12b1f91f94b7
SHA256 1115e4c5e4b58305b74443a0f9bd31e7c2527e88740b33032687edef9768b1a5
SHA512 106f21ee39f223aa669628b31b093ecd4de38a5544f8581eb8d275cfa9f2f218137a1a6c00d2c83c76aec0249cebdc4d089981ddf55dd1d0b471d4eac69c4ecf
Ssdeep 49152:E82tv01g2Cbs8Vq3EHhDG04RkLrBmElygAEjWwW0UPf9thYv5po+BF:QBZ4RQrBmElyvaWwbUfhYvV
PEiD None matched
Yara None matched
VirusTotal File not found on VirusTotal

MetaFlows Scores

Metaflows Analysis Results (Signatures=75, Anomalies=0, PEiD=0, Yara=0, VT[1481190856]=0): Snort Events=0, AV Events=0
Total Score=75

Signatures

antivm_queries_computername details
has_pdb details
antisandbox_foregroundwindows details
has_wmi details
wmi_antivm details
antiav_detectfile details

Screenshots

No screenshots available.

Static Analysis

Version Infos

Sections

Resources

Imports

Strings

Dropped Files

7620fdeffe02072c_Language.db-journal

811b4931ff69d89b_updateserver.txt

4e8eb70568b16f30_2016.12.08_11.12.44.639375_adawareupdater_pid=6776.txt

90a4b42601f44527_language.db

d6b4dc535bfc1dc0_2016.12.08_11.12.07.843000_f319b4adedfb1b758da936112e7d12b1f91f94b7_pid=2608.txt

de572e3f6c04f24b_partner.xml

31d94440bedb20ca_Language.db-journal

Network Analysis

Hosts Involved

DNS Requests

HTTP Requests

Behavior Summary

File-Read
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Language.db
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Partner.xml
File-Written
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Language.db
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Language.db-journal
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Logs\2016.12.08_11.12.44.639375_AdAwareUpdater_pid=6776.txt
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Logs\2016.12.08_11.12.07.843000_f319b4adedfb1b758da936112e7d12b1f91f94b7_pid=2608.txt
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Partner.xml
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\UpdateServer.txt
File-Deleted
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Language.db-journal
File-Opened
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Language.db
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options\Partner.xml
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Logs\
  • C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\msoshext.dll
  • C:\Windows\Fonts\cour.ttf
  • C:\Windows\Fonts\STENCIL.TTF
  • C:\Windows\Fonts\palabi.ttf
  • C:\Windows\Fonts\taileb.ttf
  • C:\Windows\Fonts\HARNGTON.TTF
  • C:\Windows\Fonts\nyala.ttf
  • C:\Windows\Fonts\raavi.ttf
  • C:\Windows\Fonts\ELEPHNTI.TTF
  • C:\Windows\Fonts\timesi.ttf
  • C:\Windows\Fonts\gulim.ttc
  • C:\Windows\Fonts\LCALLIG.TTF
  • C:\Windows\Fonts\TCMI____.TTF
  • C:\Windows\Fonts\KUNSTLER.TTF
  • C:\Windows\Fonts\malgunbd.ttf
  • C:\Windows\Fonts\dokchamp.ttf
  • C:\Windows\Fonts\CURLZ___.TTF
  • C:\Windows\Fonts\kartikab.ttf
  • C:\Windows\Fonts\kokilab.ttf
  • C:\Windows\Fonts\FRAHV.TTF
  • C:\Windows\Fonts\calibril.ttf
  • C:\Windows\Fonts\cordiab.ttf
  • C:\Windows\Fonts\gautamib.ttf
  • C:\Windows\Fonts\euphemia.ttf
  • C:\Windows\Fonts\georgiai.ttf
  • C:\Windows\Globalization\Sorting\sortdefault.nls
  • C:\Windows\Fonts\mingliub.ttc
  • C:\Windows\Fonts\BOOKOSB.TTF
  • C:\Windows\Fonts\ONYX.TTF
  • C:\Windows\Fonts\BASKVILL.TTF
  • C:\Windows\Fonts\LTYPEO.TTF
  • C:\Windows\Fonts\himalaya.ttf
  • C:\Windows\Fonts\cordia.ttf
  • C:\Windows\Fonts\ebrima.ttf
  • C:\Windows\Fonts\upckbi.ttf
  • C:\Windows\Fonts\angsai.ttf
  • C:\Windows\Fonts\upcfb.ttf
  • C:\Windows\Fonts\msjh.ttf
  • C:\Windows\Fonts\majalla.ttf
  • C:\Windows\Fonts\tunga.ttf
  • C:\Windows\Fonts\GOTHIC.TTF
  • C:\Windows\Fonts\cambriaz.ttf
  • C:\Windows\Fonts\VINERITC.TTF
  • C:\Windows\Fonts\upcibi.ttf
  • C:\Windows\Fonts\mvboli.ttf
  • C:\Windows\Fonts\lvnmbd.ttf
  • C:\Windows\Fonts\LTYPEB.TTF
  • C:\Windows\Fonts\timesbd.ttf
  • C:\Windows\Fonts\HTOWERTI.TTF
  • C:\Windows\Fonts\LSANS.TTF
  • C:\Windows\Fonts\ITCKRIST.TTF
  • C:\Windows\Fonts\marlett.ttf
  • C:\Windows\Fonts\gishabd.ttf
  • C:\Windows\Fonts\FRABK.TTF
  • C:\Windows\Fonts\upcll.ttf
  • C:\Windows\Fonts\upcfbi.ttf
  • C:\Windows\Fonts\ARLRDBD.TTF
  • C:\Windows\Fonts\vrindab.ttf
  • C:\Windows\Fonts\kalingab.ttf
  • C:\Windows\Fonts\calibrii.ttf
  • C:\Windows\Fonts\framdit.ttf
  • C:\Windows\Fonts\FTLTLT.TTF
  • C:\Windows\Fonts\kaiu.ttf
  • C:\Windows\Fonts\msyhbd.ttf
  • C:\Windows\Fonts\trebucbi.ttf
  • C:\Windows\Fonts\GOUDOSB.TTF
  • C:\Windows\Fonts\MSUIGHUB.TTF
  • C:\Windows\Fonts\JOKERMAN.TTF
  • C:\Windows\Fonts\constanb.ttf
  • C:\Windows\Fonts\TEMPSITC.TTF
  • C:\Windows\Fonts\WINGDNG2.TTF
  • C:\Windows\Fonts\BRITANIC.TTF
  • C:\Windows\Fonts\GADUGI.TTF
  • C:\Windows\Fonts\coure.fon
  • C:\Windows\Fonts\BOD_BLAI.TTF
  • C:\Windows\Fonts\calibriz.ttf
  • C:\Windows\Fonts\upcjbi.ttf
  • C:\Windows\Fonts\sserife.fon
  • C:\Windows\Fonts\BKANT.TTF
  • C:\Windows\Fonts\GIGI.TTF
  • C:\Windows\Fonts\constanz.ttf
  • C:\Windows\Fonts\FRADMCN.TTF
  • C:\Windows\Fonts\ANTQUABI.TTF
  • C:\Windows\Fonts\taile.ttf
  • C:\Windows\Fonts\SCHLBKBI.TTF
  • C:\Windows\Fonts\BERNHC.TTF
  • C:\Windows\Fonts\ROCKBI.TTF
  • C:\Users\Harry Dresden\AppData\Local\GDIPFONTCACHEV1.DAT
  • C:\Windows\Fonts\LFAXD.TTF
  • C:\Windows\Fonts\CHILLER.TTF
  • C:\Windows\Fonts\framd.ttf
  • C:\Windows\Fonts\LSANSI.TTF
  • C:\Windows\Fonts\FELIXTI.TTF
  • C:\Windows\Fonts\browab.ttf
  • C:\Windows\Fonts\VLADIMIR.TTF
  • C:\Windows\Fonts\impact.ttf
  • C:\Windows\Fonts\malgun.ttf
  • C:\Windows\Fonts\BROADW.TTF
  • C:\Windows\Fonts\COLONNA.TTF
  • C:\Windows\Fonts\GILB____.TTF
  • C:\Windows\Fonts\wingding.ttf
  • C:\Windows\Fonts\CALISTI.TTF
  • C:\Windows\Fonts\mangalb.ttf
  • C:\Windows\Fonts\kartika.ttf
  • C:\Windows\Fonts\modern.fon
  • C:\Windows\Fonts\CALISTBI.TTF
  • C:\Windows\Fonts\l_10646.ttf
  • C:\Windows\Fonts\upckl.ttf
  • C:\Windows\Fonts\SEGOEUISL.TTF
  • C:\Windows\Fonts\ANTQUAI.TTF
  • C:\Windows\Fonts\BRLNSDB.TTF
  • C:\Windows\Fonts\georgiaz.ttf
  • C:\Windows\Fonts\segoepr.ttf
  • C:\Windows\Fonts\micross.ttf
  • C:\Windows\Fonts\WINGDNG3.TTF
  • C:\Windows\Fonts\kokilabi.ttf
  • C:\Windows\Fonts\GILBI___.TTF
  • C:\Windows\Fonts\PALSCRI.TTF
  • C:\Windows\Fonts\segoeprb.ttf
  • C:\Windows\Fonts\upcfl.ttf
  • C:\Windows\Fonts\verdanai.ttf
  • C:\Windows\Fonts\simsun.ttc
  • C:\Windows\Fonts\cordiaz.ttf
  • C:\Windows\Fonts\simkai.ttf
  • C:\Windows\Fonts\simfang.ttf
  • C:\Windows\Fonts\utsaah.ttf
  • C:\Windows\Fonts\upcil.ttf
  • C:\Windows\Fonts\PAPYRUS.TTF
  • C:\Windows\Fonts\shrutib.ttf
  • C:\Windows\Fonts\BSSYM7.TTF
  • C:\Windows\Fonts\consolai.ttf
  • C:\Windows\Fonts\serife.fon
  • C:\Windows\Fonts\HATTEN.TTF
  • C:\Windows\Fonts\seguisb.ttf
  • C:\Windows\Fonts\tradbdo.ttf
  • C:\Windows\Fonts\kokilai.ttf
  • C:\Windows\Fonts\segoesc.ttf
  • C:\Windows\Fonts\BRLNSR.TTF
  • C:\Windows\Fonts\mangal.ttf
  • C:\Windows\Fonts\mingliu.ttc
  • C:\Windows\Fonts\leelawdb.ttf
  • C:\Windows\Fonts\constani.ttf
  • C:\Windows\Fonts\upcel.ttf
  • C:\Windows\Fonts\cambria.ttc
  • C:\Windows\Fonts\ANTQUAB.TTF
  • C:\Windows\Fonts\BOD_R.TTF
  • C:\Windows\Fonts\MATURASC.TTF
  • C:\Windows\Fonts\GLSNECB.TTF
  • C:\Windows\Fonts\BRUSHSCI.TTF
  • C:\Windows\Fonts\latha.ttf
  • C:\Windows\Fonts\browaui.ttf
  • C:\Windows\Fonts\monbaiti.ttf
  • C:\Windows\Fonts\Candarab.ttf
  • C:\Windows\Fonts\COOPBL.TTF
  • C:\Windows\Fonts\ariblk.ttf
  • C:\Windows\Fonts\corbel.ttf
  • C:\Windows\Fonts\GLECB.TTF
  • C:\Windows\Fonts\gautami.ttf
  • C:\Windows\Fonts\NIAGSOL.TTF
  • C:\Windows\Fonts\msyi.ttf
  • C:\Windows\Fonts\calibrib.ttf
  • C:\Windows\Fonts\lvnm.ttf
  • C:\Windows\Fonts\nrkis.ttf
  • C:\Windows\Fonts\upclb.ttf
  • C:\Windows\Fonts\phagspab.ttf
  • C:\Windows\Fonts\upcib.ttf
  • C:\Windows\Fonts\browauz.ttf
  • C:\Windows\Fonts\JUICE___.TTF
  • C:\Windows\Fonts\LBRITEI.TTF
  • C:\Windows\Fonts\angsa.ttf
  • C:\Windows\Fonts\BRADHITC.TTF
  • C:\Windows\Fonts\angsab.ttf
  • C:\Windows\Fonts\ARIALN.TTF
  • C:\Windows\Fonts\segoeuib.ttf
  • C:\Windows\Fonts\GILLUBCD.TTF
  • C:\Windows\Fonts\Candaraz.ttf
  • C:\Windows\Fonts\BOD_CBI.TTF
  • C:\Windows\Fonts\LFAX.TTF
  • C:\Windows\Fonts\daunpenh.ttf
  • C:\Windows\Fonts\Vani.ttf
  • C:\Windows\Fonts\angsau.ttf
  • C:\Windows\Fonts\msuighur.ttf
  • C:\Windows\Fonts\BOD_CI.TTF
  • C:\Windows\Fonts\courbd.ttf
  • C:\Windows\Fonts\timesbi.ttf
  • C:\Windows\Fonts\upcdb.ttf
  • C:\Windows\Fonts\aparajb.ttf
  • C:\Windows\Fonts\TCM_____.TTF
  • C:\Windows\Fonts\SNAP____.TTF
  • C:\Windows\Fonts\BOOKOSI.TTF
  • C:\Windows\Fonts\ROCKB.TTF
  • C:\Windows\Fonts\CALIBRILI.TTF
  • C:\Windows\Fonts\CALIFB.TTF
  • C:\Windows\Fonts\TCCEB.TTF
  • C:\Windows\Fonts\REFSAN.TTF
  • C:\Windows\Fonts\GARABD.TTF
  • C:\Windows\Fonts\GADUGIB.TTF
  • C:\Windows\Fonts\upcii.ttf
  • C:\Windows\Fonts\batang.ttc
  • C:\Windows\Fonts\MOD20.TTF
  • C:\Windows\Fonts\LTYPE.TTF
  • C:\Windows\Fonts\ERASLGHT.TTF
  • C:\Windows\Fonts\arialbi.ttf
  • C:\Windows\Fonts\browa.ttf
  • C:\Windows\Fonts\ROCCB___.TTF
  • C:\Windows\Fonts\cambriai.ttf
  • C:\Windows\Fonts\CALIFR.TTF
  • C:\Windows\Fonts\upcdbi.ttf
  • C:\Windows\Fonts\ebrimabd.ttf
  • C:\Windows\Fonts\utsaahbi.ttf
  • C:\Windows\Fonts\vijayab.ttf
  • C:\Windows\Fonts\Gabriola.ttf
  • C:\Windows\Fonts\PRISTINA.TTF
  • C:\Windows\Fonts\GILSANUB.TTF
  • C:\Windows\Fonts\TCB_____.TTF
  • C:\Windows\Fonts\BOD_CB.TTF
  • C:\Windows\Fonts\ENGR.TTF
  • C:\Windows\Fonts\Candarai.ttf
  • C:\Windows\Fonts\angsauz.ttf
  • C:\Windows\Fonts\SHOWG.TTF
  • C:\Windows\Fonts\trebucbd.ttf
  • C:\Windows\Fonts\couri.ttf
  • C:\Windows\Fonts\cordiauz.ttf
  • C:\Windows\Fonts\verdanaz.ttf
  • C:\Windows\Fonts\kalinga.ttf
  • C:\Windows\Fonts\aparaj.ttf
  • C:\Windows\Fonts\sylfaen.ttf
  • C:\Windows\Fonts\segoeuii.ttf
  • C:\Windows\Fonts\COPRGTL.TTF
  • C:\Windows\Fonts\PER_____.TTF
  • C:\Windows\Fonts\cordiai.ttf
  • C:\Windows\Fonts\utsaahb.ttf
  • C:\Windows\Fonts\simpbdo.ttf
  • C:\Windows\Fonts\tungab.ttf
  • C:\Windows\Fonts\mriam.ttf
  • C:\Windows\Fonts\GILI____.TTF
  • C:\Windows\Fonts\majallab.ttf
  • C:\Windows\Fonts\comicbd.ttf
  • C:\Windows\Fonts\RAGE.TTF
  • C:\Windows\Fonts\iskpota.ttf
  • C:\Windows\Fonts\PERBI___.TTF
  • C:\Windows\Fonts\Shonar.ttf
  • C:\Windows\Fonts\LATINWD.TTF
  • C:\Windows\Fonts\segoeuil.ttf
  • C:\Windows\Fonts\LFAXDI.TTF
  • C:\Windows\Fonts\mriamc.ttf
  • C:\Windows\Fonts\simhei.ttf
  • C:\Windows\Fonts\browai.ttf
  • C:\Windows\Fonts\corbelz.ttf
  • C:\Windows\Fonts\FORTE.TTF
  • C:\Windows\Fonts\BOD_B.TTF
  • C:\Windows\Fonts\upcji.ttf
  • C:\Windows\Fonts\arialbd.ttf
  • C:\Windows\Fonts\FRAHVIT.TTF
  • C:\Windows\Fonts\comic.ttf
  • C:\Windows\Fonts\shruti.ttf
  • C:\Windows\Fonts\FRSCRIPT.TTF
  • C:\Windows\Fonts\MISTRAL.TTF
  • C:\Windows\Fonts\trado.ttf
  • C:\Windows\Fonts\FRABKIT.TTF
  • C:\Windows\System32\msimsg.dll
  • C:\Windows\Fonts\upcjl.ttf
  • C:\Windows\Fonts\CASTELAR.TTF
  • C:\Windows\Fonts\BELL.TTF
  • C:\Windows\Fonts\BAUHS93.TTF
  • C:\Windows\Fonts\LBRITED.TTF
  • C:\Windows\Fonts\CALISTB.TTF
  • C:\Windows\Fonts\raavib.ttf
  • C:\Windows\Fonts\meiryob.ttc
  • C:\Windows\Fonts\BRLNSB.TTF
  • C:\Windows\Fonts\davidbd.ttf
  • C:\Windows\Fonts\ntailu.ttf
  • C:\Windows\Fonts\FRAMDCN.TTF
  • C:\Windows\Fonts\msmincho.ttc
  • C:\Windows\Fonts\HTOWERT.TTF
  • C:\Windows\Fonts\ROCKI.TTF
  • C:\Windows\Fonts\Vanib.ttf
  • C:\Windows\Fonts\trebuc.ttf
  • C:\Windows\Fonts\corbeli.ttf
  • C:\Windows\Fonts\MTEXTRA.TTF
  • C:\Windows\Fonts\consolab.ttf
  • C:\Windows\Fonts\estre.ttf
  • C:\Windows\Fonts\angsaz.ttf
  • C:\Windows\Fonts\AGENCYB.TTF
  • C:\Windows\Fonts\IMPRISHA.TTF
  • C:\Windows\Fonts\SCRIPTBL.TTF
  • C:\Windows\Fonts\FRADMIT.TTF
  • C:\Windows\Fonts\GOTHICB.TTF
  • C:\Windows\Fonts\georgia.ttf
  • C:\Windows\Fonts\HARLOWSI.TTF
  • C:\Windows\Fonts\ELEPHNT.TTF
  • C:\Windows\Fonts\courbi.ttf
  • C:\Windows\Fonts\corbelb.ttf
  • C:\Windows\Fonts\OCRAEXT.TTF
  • C:\Windows\Fonts\georgiab.ttf
  • C:\Windows\Fonts\palai.ttf
  • C:\Windows\Fonts\BELLI.TTF
  • C:\Windows\Fonts\ERASBD.TTF
  • C:\Windows\Fonts\angsaub.ttf
  • C:\Windows\Fonts\upckb.ttf
  • C:\Windows\Fonts\LaoUIb.ttf
  • C:\Windows\Fonts\aparajbi.ttf
  • C:\Windows\Fonts\FRADM.TTF
  • C:\Windows\Fonts\RAVIE.TTF
  • C:\Windows\Fonts\tahomabd.ttf
  • C:\Windows\Fonts\BOD_I.TTF
  • C:\Windows\Fonts\Shonarb.ttf
  • C:\Windows\Fonts\webdings.ttf
  • C:\Windows\Fonts\consola.ttf
  • C:\Windows\Fonts\browau.ttf
  • C:\Windows\Fonts\NIAGENG.TTF
  • C:\Windows\Fonts\msjhbd.ttf
  • C:\Windows\Fonts\upclbi.ttf
  • C:\Windows\Fonts\andlso.ttf
  • C:\Windows\Fonts\segoeuiz.ttf
  • C:\Windows\Fonts\INFROMAN.TTF
  • C:\Windows\Fonts\smalle.fon
  • C:\Windows\Fonts\kokila.ttf
  • C:\Windows\Fonts\verdana.ttf
  • C:\Windows\Fonts\script.fon
  • C:\Windows\Fonts\ROCK.TTF
  • C:\Windows\Fonts\ARIALNBI.TTF
  • C:\Windows\Fonts\ntailub.ttf
  • C:\Windows\Fonts\GOUDOSI.TTF
  • C:\Windows\Fonts\segoeui.ttf
  • C:\Windows\Fonts\BOD_BI.TTF
  • C:\Windows\Fonts\symbol.ttf
  • C:\Windows\Fonts\upcdi.ttf
  • C:\Windows\Fonts\browaub.ttf
  • C:\Windows\Fonts\aparaji.ttf
  • C:\Windows\Fonts\VIVALDII.TTF
  • C:\Windows\Fonts\BOOKOS.TTF
  • C:\Windows\Fonts\palab.ttf
  • C:\Windows\Fonts\gisha.ttf
  • C:\Windows\Fonts\msyh.ttf
  • C:\Windows\Fonts\arial.ttf
  • C:\Windows\Fonts\tahoma.ttf
  • C:\Windows\Fonts\MAGNETOB.TTF
  • C:\Windows\Fonts\TCCM____.TTF
  • C:\Windows\Fonts\SCHLBKB.TTF
  • C:\Windows\Fonts\frank.ttf
  • C:\Windows\Fonts\LFAXI.TTF
  • C:\Windows\Fonts\simsunb.ttf
  • C:\Windows\Fonts\upcli.ttf
  • C:\Windows\Fonts\ahronbd.ttf
  • C:\Windows\Fonts\verdanab.ttf
  • C:\Windows\Fonts\simpo.ttf
  • C:\Windows\Fonts\GARAIT.TTF
  • C:\Windows\Fonts\PLAYBILL.TTF
  • C:\Windows\Fonts\GARA.TTF
  • C:\Windows\Fonts\CALIFI.TTF
  • C:\Windows\Fonts\LaoUI.ttf
  • C:\Windows\Fonts\upcjb.ttf
  • C:\Windows\Fonts\REFSPCL.TTF
  • C:\Windows\Fonts\NIRMALA.TTF
  • C:\Windows\Fonts\PARCHM.TTF
  • C:\Windows\Fonts\upceb.ttf
  • C:\Windows\Fonts\POORICH.TTF
  • C:\Windows\Fonts\BOD_CR.TTF
  • C:\Windows\Fonts\GOTHICBI.TTF
  • C:\Windows\Fonts\LSANSDI.TTF
  • C:\Windows\Fonts\cambriab.ttf
  • C:\Windows\Fonts\ROCKEB.TTF
  • C:\Windows\Fonts\ERASDEMI.TTF
  • C:\Windows\Fonts\vijaya.ttf
  • C:\Windows\Fonts\LBRITE.TTF
  • C:\Windows\Fonts\AGENCYR.TTF
  • C:\Windows\Fonts\ALGER.TTF
  • C:\Windows\Fonts\ariali.ttf
  • C:\Windows\Fonts\BOD_BLAR.TTF
  • C:\Windows\Fonts\COPRGTB.TTF
  • C:\Windows\Fonts\ITCEDSCR.TTF
  • C:\Windows\Fonts\SCHLBKI.TTF
  • C:\Windows\Fonts\browaz.ttf
  • C:\Windows\Fonts\GOUDYSTO.TTF
  • C:\Windows\Fonts\moolbor.ttf
  • C:\Windows\Fonts\KhmerUIb.ttf
  • C:\Windows\Fonts\CENSCBK.TTF
  • C:\Windows\Fonts\meiryo.ttc
  • C:\Windows\Fonts\LTYPEBO.TTF
  • C:\Windows\Fonts\constan.ttf
  • C:\Windows\Fonts\msgothic.ttc
  • C:\Windows\Fonts\simpfxo.ttf
  • C:\Windows\Fonts\ERASMD.TTF
  • C:\Windows\Fonts\upcebi.ttf
  • C:\Windows\Fonts\pala.ttf
  • C:\Windows\Fonts\ROCC____.TTF
  • C:\Windows\Fonts\MTCORSVA.TTF
  • C:\Windows\Fonts\PERI____.TTF
  • C:\Windows\Fonts\OUTLOOK.TTF
  • C:\Windows\Fonts\upcfi.ttf
  • C:\Windows\Fonts\ARIALNI.TTF
  • C:\Windows\Fonts\rod.ttf
  • C:\Windows\Fonts\PERTILI.TTF
  • C:\Windows\Fonts\calibri.ttf
  • C:\Windows\Fonts\trebucit.ttf
  • C:\Windows\Fonts\GILC____.TTF
  • C:\Windows\Fonts\GOUDOS.TTF
  • C:\Windows\Fonts\lucon.ttf
  • C:\Windows\Fonts\CENTURY.TTF
  • C:\Windows\Fonts\LHANDW.TTF
  • C:\Windows\Fonts\GIL_____.TTF
  • C:\Windows\Fonts\OLDENGL.TTF
  • C:\Windows\Fonts\arabtype.ttf
  • C:\Windows\Fonts\vrinda.ttf
  • C:\Windows\Fonts\ARIALNB.TTF
  • C:\Windows\Fonts\segoescb.ttf
  • C:\Windows\Fonts\CENTAUR.TTF
  • C:\Windows\Fonts\iskpotab.ttf
  • C:\Windows\Fonts\Candara.ttf
  • C:\Windows\Fonts\utsaahi.ttf
  • C:\Windows\Fonts\NIRMALAB.TTF
  • C:\Windows\Fonts\BELLB.TTF
  • C:\Windows\Fonts\leelawad.ttf
  • C:\Windows\Fonts\seguisym.ttf
  • C:\Windows\Fonts\times.ttf
  • C:\Windows\Fonts\FREESCPT.TTF
  • C:\Windows\Fonts\lathab.ttf
  • C:\Windows\Fonts\smallf.fon
  • C:\Windows\Fonts\roman.fon
  • C:\Windows\Fonts\upcdl.ttf
  • C:\Windows\Fonts\TCBI____.TTF
  • C:\Windows\Fonts\LSANSD.TTF
  • C:\Windows\Fonts\cordiaui.ttf
  • C:\Windows\Fonts\phagspa.ttf
  • C:\Windows\Fonts\ITCBLKAD.TTF
  • C:\Windows\Fonts\PERTIBD.TTF
  • C:\Windows\Fonts\consolaz.ttf
  • C:\Windows\Fonts\upcei.ttf
  • C:\Windows\Fonts\LBRITEDI.TTF
  • C:\Windows\Fonts\GOTHICI.TTF
  • C:\Windows\Fonts\MAIAN.TTF
  • C:\Windows\Fonts\TCCB____.TTF
  • C:\Windows\Fonts\cordiau.ttf
  • C:\Windows\Fonts\upcki.ttf
  • C:\Windows\Fonts\angsaui.ttf
  • C:\Windows\Fonts\david.ttf
  • C:\Windows\Fonts\KhmerUI.ttf
  • C:\Windows\Fonts\BOOKOSBI.TTF
  • C:\Windows\Fonts\plantc.ttf
  • C:\Windows\Fonts\PERB____.TTF
  • C:\Windows\Fonts\cordiaub.ttf
  • C:\Windows\Fonts\BOD_PSTC.TTF
  • C:\Windows\Fonts\CALIST.TTF
Network-Connects IP
  • 72.55.154.4
Directory-Created
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Logs
  • C:\ProgramData\Lavasoft\Ad-Aware 11
  • C:\ProgramData\Lavasoft
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Options
Directory-Enumerated
  • C:\ProgramData\Lavasoft\Ad-Aware 11\Logs\*
Registry Key-Opened
  • HKEY_LOCAL_MACHINE\Software\Microsoft\WBEM\CIMOM
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
  • HKEY_CURRENT_USER\CLSID\{000C103E-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\F60730A4A66673047777F5728467D401
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\68AB67CA7DA73301B744BA0000000010
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\99E80CA9B0328e74791254777B1F42AE
  • HKEY_CURRENT_USER\Interface\{000C101D-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\00006109C80000000000000000F01FEC
  • HKEY_CURRENT_USER\Interface\{000C101C-0000-0000-C000-000000000046}
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\99E80CA9B0328e74791254777B1F42AE
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\00006109C80090400000000000F01FEC
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts
  • HKEY_CURRENT_USER\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}
  • HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware Antivirus\11
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\96F071321C0420729002000010000000
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\F60730A4A66673047777F5728467D401
  • HKEY_CURRENT_USER\Software\Microsoft\GDIPlus
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\91915B2EA702BE34EA8737F3C976792C
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\Compatibility\f319b4adedfb1b758da936112e7d12b1f91f94b7.exe
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\1D5E3C0FEDA1E123187686FED06E995A
  • HKEY_LOCAL_MACHINE\Software\Microsoft\CTF\TIP\{0000897b-83df-4b96-be07-0fb58b01c4a4}\LanguageProfile\0x00000000\{0001bea3-ed56-483d-a2e2-aeae25577436}
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109C80090400000000000F01FEC
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\1D5E3C0FEDA1E123187686FED06E995A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{000C101C-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\KnownClasses
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49659C96BBEE0774293B90BF35A1FFED\InstallProperties
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\68AB67CA7DA73301B744BA0000000010
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\6414876250E69FF3395387C6C7F05BEB
  • HKEY_CURRENT_USER\Control Panel\Desktop
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{423EC01E-2E35-11D2-B604-00104B703EFD}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109C80000000000000000F01FEC
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\1D5E3C0FEDA1E123187686FED06E995A
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\CTF\
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\f319b4adedfb1b758da936112e7d12b1f91f94b7.exe
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\68AB67CA7DA73301B744BA0000000010
  • HKEY_CLASSES_ROOT\CLSID\{000C101D-0000-0000-C000-000000000046}\DllVersion
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}\ProxyStubClsid32
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\91915B2EA702BE34EA8737F3C976792C
  • HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance\Disabled
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{000C103E-0000-0000-C000-000000000046}\Progid
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\00006109C80090400000000000F01FEC
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products
  • HKEY_CURRENT_USER\Interface\{1C1C45EE-4395-11D2-B60B-00104B703EFD}
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\f319b4adedfb1b758da936112e7d12b1f91f94b7.exe
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\49659C96BBEE0774293B90BF35A1FFED
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\6414876250E69FF3395387C6C7F05BEB
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{000C101D-0000-0000-C000-000000000046}\ProxyStubClsid32
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\49659C96BBEE0774293B90BF35A1FFED
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\F60730A4A66673047777F5728467D401
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\6414876250E69FF3395387C6C7F05BEB
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\00006109C80000000000000000F01FEC
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{000C103E-0000-0000-C000-000000000046}\InprocHandler
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\99E80CA9B0328e74791254777B1F42AE
  • HKEY_CLASSES_ROOT\CLSID\{FAE3D380-FEA4-4623-8C75-C6B61110B681}\Instance
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\91915B2EA702BE34EA8737F3C976792C
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\96F071321C0420729002000010000000
  • HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\00006109F80000000100000000F01FEC
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{000C103E-0000-0000-C000-000000000046}\InprocServer32
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{000C103E-0000-0000-C000-000000000046}\Progid
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{000C103E-0000-0000-C000-000000000046}\InprocHandler32
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\96F071321C0420729002000010000000
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\4EA42A62D9304AC4784BF230120776FF
  • HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{000C103E-0000-0000-C000-000000000046}\TreatAs
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\4EA42A62D9304AC4784BF230120776FF
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\00006109F80000000100000000F01FEC
  • HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\00006109F80000000100000000F01FEC
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3416602863-1947377224-293699093-1003\Installer\Products\49659C96BBEE0774293B90BF35A1FFED
  • HKEY_LOCAL_MACHINE\Software\Classes\Installer\Products\4EA42A62D9304AC4784BF230120776FF
Registry Key-Read
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ca
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\de-AT
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000404
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\de-CH
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ar-YE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\de-LI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sv-FI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nso-ZA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-029
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cs
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000401
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000501
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\cy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\(Default)
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-CR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-SV
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\af-ZA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sr-Cyrl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\br
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bs
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\hr-BA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sk-SK
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\dv-MV
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bo
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-NI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\uz-Cyrl-UZ
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sr-Latn-ME
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ba
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bg
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\af-ZA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\be
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ps
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pt
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ar-SA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\gu-IN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\bg-BG
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\lb-LU
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Domain
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pa
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\am-ET
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\co
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh-Hans
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sms
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\uz-Cyrl-UZ
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\pl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ar-SY
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000419
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\yo
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\iu-Latn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\kn-IN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\uz-Cyrl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\km-KH
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-HN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sr-Latn-CS
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sw-KE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\smn-FI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tr-TR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\arn-CL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-UY
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zu
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000416
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000044A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ta
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\uz-Latn-UZ
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sw-KE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\te
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tg
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\th
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\wo
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tk
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ur-PK
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-AR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\mn-MN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tr
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tt
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000412
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000047C
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000047A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\co-FR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000047E
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00001C3B
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\rw-RW
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nl-NL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\prs-AF
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000203B
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000201A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\smn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sma
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\iu-Latn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sma-SE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000440A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\hr-HR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-PY
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\fil
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\bs-Cyrl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000845
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\tn-ZA
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000843
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ar-JO
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-NZ
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Tcpip\Parameters\Hostname
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\is-IS
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\bn-IN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\mt-MT
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sv-FI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000478
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\sv-SE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\en-GB
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-ES_tradnl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000470
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\vi-VN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ru-RU
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-PH
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\es-AR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00000C0A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\qps-ploc
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\si-LK
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ps-AF
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000046A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\no
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000280A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\zh-CN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\11
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Language Groups\10
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ne
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\nb
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\iu
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\oc
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ar-AE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00002401
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\et-EE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\pl
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\nn-NO
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\kl-GL
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\qps-plocm
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es-NI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\qps-ploca
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\mn-Mong
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bo-CN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\or
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000080C
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bg-BG
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\lt
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\gu-IN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\ha-Latn-NG
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\el-GR
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\lv
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\sma-NO
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\syr-SY
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000082C
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\de-LU
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\en-BZ
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\bs-Latn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\smj-NO
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\ar-OM
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\da-DK
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\de-LI
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\gsw
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\th-TH
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\es
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\arn
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fy
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\si-LK
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\eu
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\ExtendedLocale\et
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\or-IN
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\0000241A
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fr-BE
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\CustomLocale\fi
  • HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\Locale\00002801