Technical Information
- '<SYSTEM32>\msiexec.exe' -Embedding 24A06EF1AA3857A4858117BA5377D0C1
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\RarSFX0\vc_red.msi" /qb
- C:\eula.1033.txt
- C:\eula.3082.txt
- C:\eula.1036.txt
- C:\eula.1031.txt
- C:\install.res.1042.dll
- C:\eula.2052.txt
- C:\eula.1028.txt
- C:\install.exe
- C:\install.ini
- C:\VC_RED.MSI
- C:\globdata.ini
- C:\eula.1040.txt
- C:\eula.1041.txt
- C:\eula.1042.txt
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_x-ww_b8438ace\9.0.21022.8.cat
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_x-ww_6ad67377\9.0.21022.8.cat
- C:\install.res.2052.dll
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_x-ww_4ee8bb30\9.0.21022.8.cat
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a.cat
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1.cat
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_x-ww_9e7eb501\9.0.21022.8.cat
- C:\install.res.1036.dll
- C:\install.res.1040.dll
- C:\install.res.1041.dll
- C:\install.res.3082.dll
- C:\install.res.1028.dll
- C:\install.res.1031.dll
- C:\install.res.1033.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_x-ww_9e7eb501\9.0.21022.8.policy
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
- %WINDIR%\Installer\$PatchCache$\Managed\6F9E66FF7E38E3A3FA41D89E8A906A4A\9.0.21022\FL_msdia71_dll_2_60035_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
- %WINDIR%\Installer\3f813.msi
- %TEMP%\~DFBCDF.tmp
- %WINDIR%\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_x-ww_4ee8bb30\9.0.21022.8.policy
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_x-ww_b8438ace\9.0.21022.8.policy
- %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_x-ww_6ad67377\9.0.21022.8.policy
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a.manifest
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1.manifest
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a.manifest
- C:\vcredist.bmp
- C:\VC_RED.cab
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9.manifest
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
- %WINDIR%\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a.cat
- %TEMP%\RarSFX0\install.res.1042.dll
- %TEMP%\RarSFX0\install.res.2052.dll
- %TEMP%\RarSFX0\install.res.3082.dll
- %TEMP%\RarSFX0\install.res.1041.dll
- %TEMP%\RarSFX0\install.res.1033.dll
- %TEMP%\RarSFX0\install.res.1036.dll
- %TEMP%\RarSFX0\install.res.1040.dll
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-18
- %WINDIR%\Installer\3f80d.msi
- %TEMP%\RarSFX0\vc_red.cab
- %TEMP%\RarSFX0\vc_red.msi
- %TEMP%\RarSFX0\vcredist.bmp
- %TEMP%\RarSFX0\eula.1040.txt
- %TEMP%\RarSFX0\eula.1041.txt
- %TEMP%\RarSFX0\eula.1042.txt
- %TEMP%\RarSFX0\eula.1036.txt
- %TEMP%\RarSFX0\eula.1028.txt
- %TEMP%\RarSFX0\eula.1031.txt
- %TEMP%\RarSFX0\eula.1033.txt
- %TEMP%\RarSFX0\install.ini
- %TEMP%\RarSFX0\install.res.1028.dll
- %TEMP%\RarSFX0\install.res.1031.dll
- %TEMP%\RarSFX0\install.exe
- %TEMP%\RarSFX0\eula.2052.txt
- %TEMP%\RarSFX0\eula.3082.txt
- %TEMP%\RarSFX0\globdata.ini
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING.VER
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING1.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING2.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.MAP
- %WINDIR%\Installer\3f80f.ipi
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.BTR
- %TEMP%\~DFE6AB.tmp
- C:\Config.Msi\3f810.rbs
- %WINDIR%\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
- %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9.cat
- %WINDIR%\Installer\MSI2.tmp
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.DATA
- %WINDIR%\Installer\MSI1.tmp
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_.DEFAULT
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\ComDb.Dat
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\domain.txt
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\$WinMgmt.CFG
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SAM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SECURITY
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SOFTWARE
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SYSTEM
- %TEMP%\RarSFX0\install.res.1031.dll
- %TEMP%\RarSFX0\install.res.1033.dll
- %TEMP%\RarSFX0\install.res.1036.dll
- %TEMP%\RarSFX0\install.res.1028.dll
- %TEMP%\RarSFX0\globdata.ini
- %TEMP%\RarSFX0\install.exe
- %TEMP%\RarSFX0\install.ini
- %TEMP%\RarSFX0\install.res.1040.dll
- %TEMP%\RarSFX0\vcredist.bmp
- %TEMP%\RarSFX0\vc_red.cab
- %TEMP%\RarSFX0\vc_red.msi
- %TEMP%\RarSFX0\install.res.3082.dll
- %TEMP%\RarSFX0\install.res.1041.dll
- %TEMP%\RarSFX0\install.res.1042.dll
- %TEMP%\RarSFX0\install.res.2052.dll
- %TEMP%\RarSFX0\eula.3082.txt
- C:\Config.Msi\3f810.rbs
- %WINDIR%\Installer\3f80d.msi
- %WINDIR%\Installer\3f80f.ipi
- C:\Config.Msi\3f812.rbf
- %WINDIR%\Installer\MSI1.tmp
- %WINDIR%\Installer\MSI2.tmp
- C:\Config.Msi\3f811.rbf
- %TEMP%\RarSFX0\eula.1028.txt
- %TEMP%\RarSFX0\eula.1041.txt
- %TEMP%\RarSFX0\eula.1042.txt
- %TEMP%\RarSFX0\eula.2052.txt
- %TEMP%\RarSFX0\eula.1040.txt
- %TEMP%\RarSFX0\eula.1031.txt
- %TEMP%\RarSFX0\eula.1033.txt
- %TEMP%\RarSFX0\eula.1036.txt
- from %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_x-ww_b7353f75\9.0.21022.8.cat to C:\Config.Msi\3f812.rbf
- from %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375.cat to C:\Config.Msi\3f811.rbf
- '20#.#6.232.182':80
- 'wp#d':80
- http://crl.microsoft.com/pki/crl/products/CSPCA.crl via 20#.#6.232.182
- http://11#.#11.111.1/wpad.dat via wp#d
- DNS ASK crl.microsoft.com
- DNS ASK wp#d
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''