Technical Information
- %TEMP%\RGI7.tmp
- %TEMP%\RGI6.tmp
- %TEMP%\RGI8.tmp
- %TEMP%\RGIA.tmp
- %TEMP%\RGI9.tmp
- <SYSTEM32>\~GLH001a.TMP
- <SYSTEM32>\~GLH0019.TMP
- <SYSTEM32>\~GLH001c.TMP
- %TEMP%\RGI5.tmp
- %TEMP%\RGI4.tmp
- %TEMP%\RGI11.tmp
- %TEMP%\RGI10.tmp
- %TEMP%\RGI12.tmp
- %TEMP%\RGI14.tmp
- %TEMP%\RGI13.tmp
- %TEMP%\RGIC.tmp
- %TEMP%\RGIB.tmp
- %TEMP%\RGID.tmp
- %TEMP%\RGIF.tmp
- %TEMP%\RGIE.tmp
- <SYSTEM32>\~GLH0018.TMP
- <SYSTEM32>\~GLH0004.TMP
- <SYSTEM32>\~GLH0002.TMP
- <SYSTEM32>\~GLH0005.TMP
- <SYSTEM32>\~GLH0008.TMP
- <SYSTEM32>\~GLH0007.TMP
- %TEMP%\GLJ2.tmp
- %TEMP%\GLC1.tmp
- %TEMP%\~GLH0000.TMP
- <SYSTEM32>\temp.000
- <SYSTEM32>\~GLH0001.TMP
- <SYSTEM32>\~GLH0012.TMP
- <SYSTEM32>\~GLH0010.TMP
- <SYSTEM32>\~GLH0014.TMP
- <SYSTEM32>\~GLH0017.TMP
- <SYSTEM32>\~GLH0016.TMP
- <SYSTEM32>\~GLH000b.TMP
- <SYSTEM32>\~GLH000a.TMP
- <SYSTEM32>\~GLH000c.TMP
- <SYSTEM32>\~GLH000f.TMP
- <SYSTEM32>\~GLH000d.TMP
- %TEMP%\RGI8.tmp
- %TEMP%\RGI7.tmp
- %TEMP%\RGIA.tmp
- %TEMP%\RGI9.tmp
- %TEMP%\RGI6.tmp
- %TEMP%\regtlb32.exe
- <SYSTEM32>\~GLH001c.TMP
- %TEMP%\RGI4.tmp
- %TEMP%\RGI5.tmp
- %TEMP%\RGIB.tmp
- %TEMP%\RGI12.tmp
- %TEMP%\RGI11.tmp
- %TEMP%\RGI14.tmp
- %TEMP%\RGI13.tmp
- %TEMP%\RGI10.tmp
- %TEMP%\RGID.tmp
- %TEMP%\RGIC.tmp
- %TEMP%\RGIF.tmp
- %TEMP%\RGIE.tmp
- <SYSTEM32>\~GLH001a.TMP
- <SYSTEM32>\~GLH0008.TMP
- <SYSTEM32>\~GLH0007.TMP
- <SYSTEM32>\~GLH000b.TMP
- <SYSTEM32>\~GLH000a.TMP
- <SYSTEM32>\~GLH0005.TMP
- <SYSTEM32>\~GLH0001.TMP
- <SYSTEM32>\temp.000
- <SYSTEM32>\~GLH0004.TMP
- <SYSTEM32>\~GLH0002.TMP
- <SYSTEM32>\~GLH000c.TMP
- <SYSTEM32>\~GLH0017.TMP
- <SYSTEM32>\~GLH0016.TMP
- <SYSTEM32>\~GLH0019.TMP
- <SYSTEM32>\~GLH0018.TMP
- <SYSTEM32>\~GLH0014.TMP
- <SYSTEM32>\~GLH000f.TMP
- <SYSTEM32>\~GLH000d.TMP
- <SYSTEM32>\~GLH0012.TMP
- <SYSTEM32>\~GLH0010.TMP
- from <SYSTEM32>\~GLH0013.TMP to <SYSTEM32>\msxml4a.dll
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0015.TMP
- from <SYSTEM32>\~GLH0011.TMP to <SYSTEM32>\msxml4.dll
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0013.TMP
- from <SYSTEM32>\~GLH0015.TMP to <SYSTEM32>\msxml4r.dll
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH001d.TMP
- from <SYSTEM32>\~GLH001d.TMP to <SYSTEM32>\COMCT332.OCX
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH001b.TMP
- from <SYSTEM32>\~GLH001b.TMP to <SYSTEM32>\Comctl32.ocx
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0011.TMP
- from <SYSTEM32>\~GLH0003.TMP to <SYSTEM32>\Cabcntrl.ocx
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0006.TMP
- from %TEMP%\~GLH0000.TMP to %TEMP%\regtlb32.exe
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0003.TMP
- from <SYSTEM32>\~GLH0006.TMP to <SYSTEM32>\Comdlg32.ocx
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH000e.TMP
- from <SYSTEM32>\~GLH000e.TMP to <SYSTEM32>\msxml3a.dll
- from <SYSTEM32>\temp.000 to <SYSTEM32>\~GLH0009.TMP
- from <SYSTEM32>\~GLH0009.TMP to <SYSTEM32>\Mscomctl.ocx
- <SYSTEM32>\temp.000
- '%TEMP%\GLJ2.tmp' <SYSTEM32>\asycfilt.dll
- '%TEMP%\regtlb32.exe' /C <SYSTEM32>\Mshtml.tlb
- '%TEMP%\regtlb32.exe' /C <SYSTEM32>\Stdole2.tlb
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Oleaut32.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml4a.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\scrrun.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Olepro32.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml4.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml3r.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml4a.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml4r.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml3.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Oleaut32.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\actxprxy.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Olepro32.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\COMCT332.OCX
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Comctl32.ocx
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\actxprxy.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\COMCT332.OCX
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Comctl32.ocx
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml4r.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\scrrun.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Dbghelp.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Comcat.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Mscomctl.ocx
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Cabcntrl.ocx
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Asycfilt.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Cabcntrl.ocx
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Asycfilt.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Comdlg32.ocx
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Comcat.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Dbghelp.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml3r.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Msvbvm60.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\msxml3a.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml4.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml3a.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Mscomctl.ocx
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\Msvbvm60.dll
- '<SYSTEM32>\cmd.exe' /C regsvr32 /s <SYSTEM32>\msxml3.dll
- '<SYSTEM32>\regsvr32.exe' /s <SYSTEM32>\Comdlg32.ocx