Technical Information
Process command lines:
- '<SYSTEM32>\msiexec.exe' -Embedding EBAA27B217038ED4A7C7B612D0DC866E M Global\MSI0000
- '%ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\DXSETUP.exe' /silent
- '<SYSTEM32>\DirectX\DX5.tmp\dxdllreg.exe' -PATCH
- '<SYSTEM32>\msiexec.exe' /i "%TEMP%\RarSFX0\xliveredist.msi" /qb
- '<SYSTEM32>\msiexec.exe' /V
- '<SYSTEM32>\msiexec.exe' -Embedding F815A8F1DDE9C0C1DB2AB19224A4B71C
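File paths (the section heading is missing here, so the operation performed on each file is not stated):
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9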
- <SYSTEM32>\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9
- %WINDIR%\Installer\MSI4.tmp
- %WINDIR%\Logs\DirectX.log
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.dll
- <SYSTEM32>\DirectX\DX5.tmp\dxdllreg_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\apr2007_xinput_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.inf
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.cif
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\APR2007_xinput_x86.cab
- <SYSTEM32>\xlive\sqmapi.dll
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\DXSETUP.exe
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\dxupdate.cab
- <SYSTEM32>\xlive.dll
- %WINDIR%\Installer\1facc.msi
- %WINDIR%\Installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}\GameForWindowsLiveRedist.exe
- <SYSTEM32>\xlive.dll.cat
- <SYSTEM32>\xlivefnt.dll
- <SYSTEM32>\DirectX\DX5.tmp\AUG2009_d3dx9_42_x86.inf
- <SYSTEM32>\SET9.tmp
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42.dll
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86_xp.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86.cat
- <SYSTEM32>\SETA.tmp
- %TEMP%\~DF3CC8.tmp
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86_xp.inf
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86.cat
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3.dll
- <SYSTEM32>\DirectX\DX5.tmp\AUG2009_d3dx10_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\dxdllreg.exe
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42.dll
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86.cat
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86_xp.inf
- <SYSTEM32>\SET8.tmp
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\Aug2009_d3dx9_42_x86.cab
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-21-2052111302-484763869-725345543-1003
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-20
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_.DEFAULT
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SYSTEM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SAM
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SECURITY
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_MACHINE_SOFTWARE
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\696F3DE637E6DE85B458996D49D759AD
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\696F3DE637E6DE85B458996D49D759AD
- %TEMP%\RarSFX0\xliveredist.msi
- %WINDIR%\Installer\1fac6.msi
- %APPDATA%\Microsoft\CryptnetUrlCache\MetaData\A1377F7115F1F126A15360369B165211
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-19
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_USRCLASS_S-1-5-19
- %APPDATA%\Microsoft\CryptnetUrlCache\Content\A1377F7115F1F126A15360369B165211
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\_REGISTRY_USER_NTUSER_S-1-5-18
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\ComDb.Dat
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.MAP
- %WINDIR%\Installer\MSI2.tmp
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\OBJECTS.DATA
- %WINDIR%\Installer\MSI1.tmp
- C:\Config.Msi\1fac9.rbs
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\DSETUP.dll
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\Aug2009_d3dx10_42_x86.cab
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\dxdllreg_x86.cab
- %ProgramFiles%\Microsoft Games for Windows - LIVE\Redist\DirectX\dsetup32.dll
- %WINDIR%\Installer\1fac8.ipi
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.BTR
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\domain.txt
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\$WinMgmt.CFG
- %TEMP%\~DFD27.tmp
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING1.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING2.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\INDEX.MAP
- C:\System Volume Information\_restore{E7F0F64C-F7E5-4319-8757-E9A20C1C4E14}\RP16\snapshot\Repository\FS\MAPPING.VER
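File paths, second list (heading missing; most entries repeat paths from the preceding list, so this is presumably a different operation on the same files):
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86.inf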
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86_xp.inf
- %WINDIR%\Installer\MSI4.tmp
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3_x86.cat
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.cif
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.dll
- <SYSTEM32>\DirectX\DX5.tmp\dxupdate.inf
- %WINDIR%\Installer\1fac6.msi
- %WINDIR%\Installer\1fac8.ipi
- %TEMP%\RarSFX0\xliveredist.msi
- C:\Config.Msi\1fac9.rbs
- %WINDIR%\Installer\MSI2.tmp
- C:\Config.Msi\1faca.rbf
- C:\Config.Msi\1facb.rbf
- <SYSTEM32>\DirectX\DX5.tmp\dxdllreg_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\apr2007_xinput_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\AUG2009_d3dx10_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\AUG2009_d3dx9_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42.dll
- %WINDIR%\Installer\MSI1.tmp
- <SYSTEM32>\DirectX\DX5.tmp\xinput1_3.dll
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42.dll
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86_xp.inf
- <SYSTEM32>\DirectX\DX5.tmp\dxdllreg.exe
- <SYSTEM32>\DirectX\DX5.tmp\d3dx9_42_x86.cat
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86.cat
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86.inf
- <SYSTEM32>\DirectX\DX5.tmp\d3dx10_42_x86_xp.inf
File path changes (from source path to destination path):
- from %WINDIR%\WinSxS\Policies\x86_policy.9.0.Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_x-ww_b7353f75\9.0.21022.8.cat to C:\Config.Msi\1facb.rbf
- from %WINDIR%\WinSxS\Manifests\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375.cat to C:\Config.Msi\1faca.rbf
- from <SYSTEM32>\SETA.tmp to <SYSTEM32>\d3dx10_42.dll
- from <SYSTEM32>\SET9.tmp to <SYSTEM32>\D3DX9_42.dll
- from <SYSTEM32>\SET8.tmp to <SYSTEM32>\xinput1_3.dll
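Network endpoints (host:port; the '#' characters appear to be masking applied by the report, not part of the real values):
- '20#.#6.232.182':80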
- 'wp#d':80
HTTP requests (URL, then the endpoint it was requested through):
- http://crl.microsoft.com/pki/crl/products/CodeSigPCA.crl via 20#.#6.232.182
- http://crl.microsoft.com/pki/crl/products/CSPCA.crl via 20#.#6.232.182
- http://11#.#11.111.1/wpad.dat via wp#d
- http://crl.microsoft.com/pki/crl/products/microsoftrootcert.crl via 20#.#6.232.182
DNS queries:
- DNS ASK crl.microsoft.com
- DNS ASK wp#d
Windows referenced (class name and window title):
- ClassName: 'Shell_TrayWnd' WindowName: ''
- ClassName: 'EDIT' WindowName: ''