1 5:29:12 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All 2 5:29:12 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A 3 5:29:12 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS 4 5:29:12 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All 5 5:29:12 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A 6 5:29:12 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS 7 5:29:12 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All 8 5:29:12 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A 9 5:29:12 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS 10 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en-US_580a28ff\ NOT FOUND Options: Open Directory Access: All 11 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All 12 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\System32\en-US NOT FOUND Options: Open Access: All 13 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\System32\en NOT FOUND Options: Open Access: All 14 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: All 15 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D 16 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\System32\ SUCCESS 17 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: All 18 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D 19 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\System32\ SUCCESS 20 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en-US_f6b1e800.Manifest NOT FOUND Options: Open Access: All 21 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: All 22 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en_66c5eee6\ NOT FOUND Options: Open Directory Access: All 23 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All 24 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en_5cce9bd9.Manifest NOT FOUND Options: Open Access: All 25 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: All 26 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS Options: Open Directory Access: All 27 5:29:13 PM csrss.exe:544 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS FileBothDirectoryInformation: *.policy 28 5:29:13 PM csrss.exe:544 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ NO MORE FILES FileBothDirectoryInformation 29 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS 30 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS Options: Open Sequential Access: All 31 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS FileFsVolumeInformation 32 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy BUFFER OVERFLOW FileAllInformation 33 5:29:13 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS Offset: 0 Length: 4095 34 5:29:13 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy END OF FILE Offset: 621 Length: 8178 35 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS 36 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All 37 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Access: All 38 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Attributes: 39 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS 40 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Access: All 41 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Attributes: 42 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS 43 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en-US_186470ec\ NOT FOUND Options: Open Directory Access: All 44 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ PATH NOT FOUND Options: Open Directory Access: All 45 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.2600.2180_en-US_90e45242.Manifest NOT FOUND Options: Open Access: All 46 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.2600.2180_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: All 47 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en_272036d3\ NOT FOUND Options: Open Directory Access: All 48 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ PATH NOT FOUND Options: Open Directory Access: All 49 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.2600.2180_en_f701061b.Manifest NOT FOUND Options: Open Access: All 50 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.2600.2180_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: All 51 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Sequential Access: All 52 5:29:13 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Offset: 0 Length: 2 53 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS 54 5:29:13 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Sequential Access: All 55 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS FileFsVolumeInformation 56 5:29:13 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest BUFFER OVERFLOW FileAllInformation 57 5:29:13 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Offset: 0 Length: 4095 58 5:29:13 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest END OF FILE Offset: 1862 Length: 8178 59 5:29:13 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS