1 6:38:40 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All
2 6:38:40 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A
3 6:38:40 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS
4 6:38:40 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All
5 6:38:40 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A
6 6:38:40 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS
7 6:38:40 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All
8 6:38:40 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A
9 6:38:40 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS
10 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en-US_580a28ff\ NOT FOUND Options: Open Directory Access: All
11 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All
12 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\System32\en-US NOT FOUND Options: Open Access: All
13 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\System32\en NOT FOUND Options: Open Access: All
14 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: All
15 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D
16 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\System32\ SUCCESS
17 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\System32\ SUCCESS Options: Open Access: All
18 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\System32\ SUCCESS Attributes: D
19 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\System32\ SUCCESS
20 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en-US_f6b1e800.Manifest NOT FOUND Options: Open Access: All
21 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: All
22 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_en_66c5eee6\ NOT FOUND Options: Open Directory Access: All
23 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All
24 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_en_5cce9bd9.Manifest NOT FOUND Options: Open Access: All
25 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls\6.0.0.0_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.DLL PATH NOT FOUND Options: Open Access: All
26 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS Options: Open Directory Access: All
27 6:38:41 PM csrss.exe:544 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS FileBothDirectoryInformation: *.policy
28 6:38:41 PM csrss.exe:544 DIRECTORY C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ NO MORE FILES FileBothDirectoryInformation
29 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\ SUCCESS
30 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS Options: Open Sequential Access: All
31 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS FileFsVolumeInformation
32 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy BUFFER OVERFLOW FileAllInformation
33 6:38:41 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS Offset: 0 Length: 4095
34 6:38:41 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy END OF FILE Offset: 621 Length: 8178
35 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls_6595b64144ccf1df_x-ww_5ddad775\6.0.2600.2180.Policy SUCCESS
36 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls\ PATH NOT FOUND Options: Open Directory Access: All
37 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Access: All
38 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Attributes:
39 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS
40 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Access: All
41 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Attributes:
42 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS
43 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en-US_186470ec\ NOT FOUND Options: Open Directory Access: All
44 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ PATH NOT FOUND Options: Open Directory Access: All
45 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.2600.2180_en-US_90e45242.Manifest NOT FOUND Options: Open Access: All
46 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.2600.2180_en-US_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: All
47 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Policies\x86_Policy.6.0.Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_en_272036d3\ NOT FOUND Options: Open Directory Access: All
48 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\Assembly\GAC\Policy.6.0.Microsoft.Windows.Common-Controls.mui\ PATH NOT FOUND Options: Open Directory Access: All
49 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls.mui_6595b64144ccf1df_6.0.2600.2180_en_f701061b.Manifest NOT FOUND Options: Open Access: All
50 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\assembly\GAC\Microsoft.Windows.Common-Controls.mui\6.0.2600.2180_en_6595b64144ccf1df\Microsoft.Windows.Common-Controls.mui.DLL PATH NOT FOUND Options: Open Access: All
51 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Sequential Access: All
52 6:38:41 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Offset: 0 Length: 2
53 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS
54 6:38:41 PM csrss.exe:544 OPEN C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Options: Open Sequential Access: All
55 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS FileFsVolumeInformation
56 6:38:41 PM csrss.exe:544 QUERY INFORMATION C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest BUFFER OVERFLOW FileAllInformation
57 6:38:41 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS Offset: 0 Length: 4095
58 6:38:41 PM csrss.exe:544 READ C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest END OF FILE Offset: 1862 Length: 8178
59 6:38:41 PM csrss.exe:544 CLOSE C:\WINDOWS\WinSxS\Manifests\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9.Manifest SUCCESS
60 6:38:45 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: Execute
61 6:38:45 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Length: 446464
62 6:38:45 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS
63 6:38:45 PM explorer.exe:1272 OPEN C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Options: Open Access: All
64 6:38:45 PM explorer.exe:1272 QUERY INFORMATION C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS Attributes: A
65 6:38:45 PM explorer.exe:1272 CLOSE C:\Documents and Settings\BRENT\Desktop\Filemon.exe SUCCESS
66 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS Options: Open Access: All
67 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS Length: 15036
68 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS Length: 15036
69 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS
70 6:38:50 PM svchost.exe:900 OPEN C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS Options: Open Access: All
71 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS Attributes: A
72 6:38:50 PM svchost.exe:900 CLOSE C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS
73 6:38:50 PM svchost.exe:900 OPEN C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS Options: Open Access: All
74 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS FileInternalInformation
75 6:38:50 PM svchost.exe:900 CLOSE C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\FILEMON.EXE SUCCESS
76 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\APPPATCH\DRVMAIN.SDB SUCCESS Options: Open Access: All
77 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\APPPATCH\DRVMAIN.SDB SUCCESS Attributes: A
78 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\APPPATCH\DRVMAIN.SDB SUCCESS
79 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\EXPLORER.EXE SUCCESS Options: Open Access: All
80 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\EXPLORER.EXE SUCCESS Attributes: A
81 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\EXPLORER.EXE SUCCESS
82 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\EXPLORER.EXE SUCCESS Options: Open Access: All
83 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\EXPLORER.EXE SUCCESS FileInternalInformation
84 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\EXPLORER.EXE SUCCESS
85 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS Options: Open Access: All
86 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS Attributes: A
87 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS
88 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS Options: Open Access: All
89 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS FileInternalInformation
90 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\REGISTRATION\R000000000007.CLB SUCCESS
91 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Options: Open Access: All
92 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Attributes: A
93 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS
94 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS Options: Open Access: All
95 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS FileInternalInformation
96 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\ADVAPI32.DLL SUCCESS
97 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS Options: Open Access: All
98 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS Attributes: A
99 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS
100 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS Options: Open Access: All
101 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS FileInternalInformation
102 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\APPHELP.DLL SUCCESS
103 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS Options: Open Access: All
104 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS Attributes: A
105 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS
106 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS Options: Open Access: All
107 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS FileInternalInformation
108 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CLBCATQ.DLL SUCCESS
109 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Options: Open Access: All
110 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Attributes: A
111 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS
112 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS Options: Open Access: All
113 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS FileInternalInformation
114 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\COMDLG32.DLL SUCCESS
115 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS Options: Open Access: All
116 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS Attributes: A
117 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS
118 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS Options: Open Access: All
119 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS FileInternalInformation
120 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\COMRES.DLL SUCCESS
121 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS Options: Open Access: All
122 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS Attributes: A
123 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS
124 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS Options: Open Access: All
125 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS FileInternalInformation
126 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CSCDLL.DLL SUCCESS
127 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS Options: Open Access: All
128 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS Attributes: A
129 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS
130 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS Options: Open Access: All
131 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS FileInternalInformation
132 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CSCUI.DLL SUCCESS
133 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Options: Open Access: All
134 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Attributes: A
135 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS
136 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS Options: Open Access: All
137 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS FileInternalInformation
138 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\CTYPE.NLS SUCCESS
139 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Options: Open Access: All
140 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Attributes: A
141 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS
142 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS Options: Open Access: All
143 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS FileInternalInformation
144 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\GDI32.DLL SUCCESS
145 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Options: Open Access: All
146 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Attributes: A
147 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS
148 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS Options: Open Access: All
149 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS FileInternalInformation
150 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\KERNEL32.DLL SUCCESS
151 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Options: Open Access: All
152 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Attributes: A
153 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS
154 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS Options: Open Access: All
155 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS FileInternalInformation
156 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\LOCALE.NLS SUCCESS
157 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Options: Open Access: All
158 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Attributes: N
159 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS
160 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS Options: Open Access: All
161 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS FileInternalInformation
162 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\MSVCRT.DLL SUCCESS
163 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Options: Open Access: All
164 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Attributes: A
165 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS
166 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS Options: Open Access: All
167 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS FileInternalInformation
168 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\NTDLL.DLL SUCCESS
169 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS Options: Open Access: All
170 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS Attributes: A
171 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS
172 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS Options: Open Access: All
173 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS FileInternalInformation
174 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\OLE32.DLL SUCCESS
175 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS Options: Open Access: All
176 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS Attributes: A
177 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS
178 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS Options: Open Access: All
179 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS FileInternalInformation
180 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\OLEAUT32.DLL SUCCESS
181 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Options: Open Access: All
182 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Attributes: A
183 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS
184 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS Options: Open Access: All
185 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS FileInternalInformation
186 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\RPCRT4.DLL SUCCESS
187 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS Options: Open Access: All
188 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS Attributes: A
189 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS
190 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS Options: Open Access: All
191 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS FileInternalInformation
192 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\RPCSS.DLL SUCCESS
193 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS Options: Open Access: All
194 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS Attributes: A
195 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS
196 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS Options: Open Access: All
197 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS FileInternalInformation
198 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SETUPAPI.DLL SUCCESS
199 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Options: Open Access: All
200 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Attributes: A
201 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS
202 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS Options: Open Access: All
203 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS FileInternalInformation
204 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SHELL32.DLL SUCCESS
205 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Options: Open Access: All
206 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Attributes: A
207 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS
208 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS Options: Open Access: All
209 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS FileInternalInformation
210 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SHLWAPI.DLL SUCCESS
211 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Options: Open Access: All
212 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Attributes: A
213 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS
214 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS Options: Open Access: All
215 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS FileInternalInformation
216 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SORTKEY.NLS SUCCESS
217 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Options: Open Access: All
218 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Attributes: A
219 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS
220 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS Options: Open Access: All
221 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS FileInternalInformation
222 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\SORTTBLS.NLS SUCCESS
223 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Options: Open Access: All
224 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Attributes: A
225 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS
226 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS Options: Open Access: All
227 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS FileInternalInformation
228 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\UNICODE.NLS SUCCESS
229 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Options: Open Access: All
230 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Attributes: A
231 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS
232 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS Options: Open Access: All
233 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS FileInternalInformation
234 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\USER32.DLL SUCCESS
235 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Options: Open Access: All
236 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Attributes: A
237 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS
238 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS Options: Open Access: All
239 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS FileInternalInformation
240 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\UXTHEME.DLL SUCCESS
241 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Options: Open Access: All
242 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Attributes: A
243 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS
244 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS Options: Open Access: All
245 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS FileInternalInformation
246 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\VERSION.DLL SUCCESS
247 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Options: Open Access: All
248 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Attributes: RHA
249 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS
250 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS Options: Open Access: All
251 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS FileInternalInformation
252 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINDOWSSHELL.MANIFEST SUCCESS
253 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS Options: Open Access: All
254 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS Attributes: A
255 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS
256 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS Options: Open Access: All
257 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS FileInternalInformation
258 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\COMCTL32.DLL SUCCESS
259 6:38:50 PM svchost.exe:900 OPEN C:\ SUCCESS Options: Open Access: All
260 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\ SUCCESS FileInternalInformation
261 6:38:50 PM svchost.exe:900 CLOSE C:\ SUCCESS
262 6:38:50 PM svchost.exe:900 OPEN C:\DOCUMENTS AND SETTINGS\ SUCCESS Options: Open Access: All
263 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\DOCUMENTS AND SETTINGS\ SUCCESS FileInternalInformation
264 6:38:50 PM svchost.exe:900 CLOSE C:\DOCUMENTS AND SETTINGS\ SUCCESS
265 6:38:50 PM svchost.exe:900 OPEN C:\DOCUMENTS AND SETTINGS\BRENT\ SUCCESS Options: Open Access: All
266 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\DOCUMENTS AND SETTINGS\BRENT\ SUCCESS FileInternalInformation
267 6:38:50 PM svchost.exe:900 CLOSE C:\DOCUMENTS AND SETTINGS\BRENT\ SUCCESS
268 6:38:50 PM svchost.exe:900 OPEN C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\ SUCCESS Options: Open Access: All
269 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\ SUCCESS FileInternalInformation
270 6:38:50 PM svchost.exe:900 CLOSE C:\DOCUMENTS AND SETTINGS\BRENT\DESKTOP\ SUCCESS
271 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\ SUCCESS Options: Open Access: All
272 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\ SUCCESS FileInternalInformation
273 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\ SUCCESS
274 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\REGISTRATION\ SUCCESS Options: Open Access: All
275 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\REGISTRATION\ SUCCESS FileInternalInformation
276 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\REGISTRATION\ SUCCESS
277 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\SYSTEM32\ SUCCESS Options: Open Access: All
278 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\SYSTEM32\ SUCCESS FileInternalInformation
279 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\SYSTEM32\ SUCCESS
280 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINSXS\ SUCCESS Options: Open Access: All
281 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINSXS\ SUCCESS FileInternalInformation
282 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINSXS\ SUCCESS
283 6:38:50 PM svchost.exe:900 OPEN C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\ SUCCESS Options: Open Access: All
284 6:38:50 PM svchost.exe:900 QUERY INFORMATION C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\ SUCCESS FileInternalInformation
285 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2180_X-WW_A84F1FF9\ SUCCESS
286 6:38:50 PM svchost.exe:900 CREATE C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS Options: OverwriteIf Access: All
287 6:38:50 PM svchost.exe:900 WRITE C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS Offset: 0 Length: 15036
288 6:38:50 PM svchost.exe:900 CLOSE C:\WINDOWS\Prefetch\FILEMON.EXE-138F2908.pf SUCCESS
289 6:38:55 PM explorer.exe:1272 OPEN C:\ SUCCESS Options: Open Directory Access: All
290 6:38:55 PM explorer.exe:1272 QUERY INFORMATION C:\ SUCCESS FileFsFullSizeInformation
291 6:38:55 PM explorer.exe:1272 CLOSE C:\ SUCCESS
292 6:38:55 PM explorer.exe:1272 OPEN E:\ SUCCESS Options: Open Directory Access: All
293 6:38:55 PM explorer.exe:1272 QUERY INFORMATION E:\ SUCCESS FileFsFullSizeInformation
294 6:38:55 PM explorer.exe:1272 CLOSE E:\ SUCCESS