Trouble with Opening Folder

[TevashSzat]

Well basically, if I go to C: and highlight or try to click on my Document and Settings folder, the whole my computer window freezes up and I have to end explorer.exe and rerun it after which the problem is fixed.

Funny thing is that if I input the address ie C:\Documents and Settings and open it that way, everything is perfectly fine.

Now this is usually not a problem as one usually doesn't need to go poke around there, but when I am moving files or doing random stuff that has me looking in the Programs Folder, I often misclick or highlight and have to restart all over again.

[Ramses II CP]

You've got antivirus up and running and regularly use Spybot?

If so it could be a symptom of a larger problem. Run chkdsk. If the drive is okay I'd check to make sure no new user accounts have shown up on your machine.

You could also try using your XP CD to 'repair' Windows, presuming you're using XP.

[TevashSzat]

You've got antivirus up and running and regularly use Spybot?

If so it could be a symptom of a larger problem. Run chkdsk. If the drive is okay I'd check to make sure no new user accounts have shown up on your machine.

You could also try using your XP CD to 'repair' Windows, presuming you're using XP.

I got more antivirus/malware checkers than is needed. So thats probably not the problem

This might be relevent that I have played around with some files in there and deleted some. They were ghost accounts, ie accounts that I had before, but no longer have now

Also, I recently had to boot a chkdsk program from a floppy to fix a problem caused by drivers from Daemon Tools, but I don't have it anymore.

[Ramses II CP]

If you hand deleted user account folders, which usually contain protected folders, I suppose that might have caused the problem. I wouldn't be confident enough in that diagnosis to call it a done deal though.

[Xiahou]

If it were me, I'd fire up filemon and see exactly what's going on when that happens. My knee-jerk reaction to that is the same as Ramses II CP- malware, but I'm sure it could be caused by other problems.

[Whacker]

What exactly do you run in terms of antivirus and anti-spypware programs? I didn't get a warm fuzzy with your answer.

[TevashSzat]

I'll run that program tonight, but I have AVG, Spybot, and Adaware

[sapi]

Try clearing your thumbnail cache; I've seen corrupted ones do funny things before (right click on C: > properties > disc cleanup)

[R'as al Ghul]

Try clearing your thumbnail cache; I've seen corrupted ones do funny things before (right click on C: > properties > disc cleanup)

That's a great tip to an unrelated problem I have.
When I try to look at my MP3 folder in "Thumbnail mode" the explorer crashes. Most subfolders in there contain a folder.jpg file which should be displayed. I now believe that clearing the cache could work. I'll let you know.

[TevashSzat]

Well, I used process monitor and this is only part of what happens:

Spoiler Alert, click show to read: 

6942 11:01.8 Explorer.EXE 184 CreateFile C:\NeverwinterNights\NWN\docs\NWN_OnlineManual.pdf PATH NOT FOUND "Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a"
6972 11:01.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk SUCCESS "Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
6974 11:01.8 Explorer.EXE 184 ReadFile C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk SUCCESS "Offset: 0, Length: 4,096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
7022 11:01.8 Explorer.EXE 184 ReadFile C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk SUCCESS "Offset: 0, Length: 1,600"
7025 11:01.8 Explorer.EXE 184 QueryInformationVolume C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk SUCCESS "VolumeCreationTime: 1/18/2007 8:40:45 AM, VolumeSerialNumber: 2843-91DF, SupportsObjects: True, VolumeLabel: "
7031 11:01.8 Explorer.EXE 184 QueryAllInformationFile C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk BUFFER OVERFLOW "CreationTime: 2/22/2007 2:48:20 PM, LastAccessTime: 1/1/2008 4:05:25 PM, LastWriteTime: 2/22/2007 2:48:20 PM, ChangeTime: 12/28/2007 2:17:30 PM, FileAttributes: AC, AllocationSize: 4,096, EndOfFile: 1,600, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000015865, EaSize: 0, Access: Generic Read, Position: 1,600, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word"
7035 11:01.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Start Menu\Programs\Neverwinter Nights\Readme.txt.lnk SUCCESS
7146 11:01.8 Explorer.EXE 184 CreateFile C:\NeverwinterNights\NWN\docs\ PATH NOT FOUND "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
7147 11:01.8 Explorer.EXE 184 CreateFile C:\ SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7149 11:01.8 Explorer.EXE 184 QueryNameInformationFile C:\ SUCCESS Name: \
7150 11:01.8 Explorer.EXE 184 QueryInformationVolume C:\ SUCCESS "VolumeCreationTime: 1/18/2007 8:40:45 AM, VolumeSerialNumber: 2843-91DF, SupportsObjects: True, VolumeLabel: "
7156 11:01.8 Explorer.EXE 184 CloseFile C:\ SUCCESS
7173 11:01.8 Explorer.EXE 184 CreateFile C:\ SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7176 11:01.8 Explorer.EXE 184 QueryDirectory C:\NeverwinterNights NO SUCH FILE Filter: NeverwinterNights
7177 11:01.8 Explorer.EXE 184 CloseFile C:\ SUCCESS
7189 11:01.8 Explorer.EXE 184 QueryOpen C:\WINDOWS\system32\shell32.dll SUCCESS "CreationTime: 8/12/2004 9:05:10 AM, LastAccessTime: 2/29/2008 9:10:47 PM, LastWriteTime: 10/25/2007 10:36:51 PM, ChangeTime: 2/29/2008 9:08:16 PM, AllocationSize: 5,029,888, EndOfFile: 8,454,656, FileAttributes: AC"
7430 11:02.5 Explorer.EXE 184 CreateFile C:\NeverwinterNights\NWN\docs\readme.txt PATH NOT FOUND "Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a"
7489 11:02.5 Explorer.EXE 184 QueryOpen C:\NeverwinterNights\NWN\docs PATH NOT FOUND
7490 11:02.5 Explorer.EXE 184 QueryOpen C:\NeverwinterNights\NWN PATH NOT FOUND
7491 11:02.5 Explorer.EXE 184 QueryOpen C:\NeverwinterNights NAME NOT FOUND
7492 11:02.5 Explorer.EXE 184 QueryOpen C:\ SUCCESS "CreationTime: 1/18/2007 8:40:45 AM, LastAccessTime: 2/29/2008 9:11:02 PM, LastWriteTime: 2/29/2008 5:59:56 PM, ChangeTime: 2/29/2008 5:59:56 PM, AllocationSize: 0, EndOfFile: 0, FileAttributes: HSDC"
7493 11:02.5 Explorer.EXE 184 CreateFile C:\ SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7494 11:02.5 Explorer.EXE 184 QueryDirectory C:\* SUCCESS "Filter: *, 1: ATI"
7495 11:02.5 Explorer.EXE 184 QueryDirectory C:\ SUCCESS "0: ATMA_config.ini, 1: AUTOEXEC.BAT, 2: boot.ini, 3: CanoScan, 4: Config.Msi, 5: CONFIG.SYS, 6: DELL, 7: Documents and Settings, 8: hiberfil.sys, 9: IO.SYS, 10: moduleName.txt, 11: MSDOS.SYS, 12: NTDETECT.COM, 13: ntldr, 14: pagefile.sys, 15: Program Files, 16: RECYCLER, 17: System Volume Information, 18: WINDOWS, 19: _NavCClt.Log"
7496 11:02.5 Explorer.EXE 184 CreateFile C:\moduleName.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7497 11:02.5 Explorer.EXE 184 QueryCompressionInformationFile C:\moduleName.txt SUCCESS
7498 11:02.5 Explorer.EXE 184 CloseFile C:\moduleName.txt SUCCESS
7500 11:02.5 Explorer.EXE 184 QueryDirectory C:\ NO MORE FILES
7501 11:02.5 Explorer.EXE 184 CloseFile C:\ SUCCESS
7503 11:02.5 Explorer.EXE 184 CreateFile C:\ATI SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7504 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\* SUCCESS "Filter: *, 1: ."
7505 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI SUCCESS "0: .., 1: SUPPORT"
7506 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI NO MORE FILES
7507 11:02.5 Explorer.EXE 184 CloseFile C:\ATI SUCCESS
7509 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7510 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\* SUCCESS "Filter: *, 1: ."
7511 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT SUCCESS "0: .., 1: 7-2_xp_dd_ccc_wdm_enu_41238, 2: 7-9_xp32_dd_ccc_wdm_enu_52443"
7512 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT NO MORE FILES
7513 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT SUCCESS
7515 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7516 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\* SUCCESS "Filter: *, 1: ."
7517 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238 SUCCESS "0: .., 1: AtiCim.bin, 2: AtiCimUn.exe, 3: BIN, 4: Catalyst.bmp, 5: CCC, 6: CheckVer.exe, 7: data1.cab, 8: data1.hdr, 9: data2.cab, 10: Driver, 11: DrvUI64A.exe, 12: ikernel.ex_, 13: INSTALL.INI, 14: issetup.exe, 15: layout.bin, 16: makensisw.exe, 17: psapi.dll, 18: SBDrv, 19: Setup.exe, 20: Setup.ini, 21: setup.inx, 22: WDM_ALL"
7518 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238 NO MORE FILES
7519 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238 SUCCESS
7521 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\BIN SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7522 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\BIN\*.txt NO SUCH FILE Filter: *.txt
7524 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\BIN SUCCESS
7526 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7527 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC\*.txt NO SUCH FILE Filter: *.txt
7528 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\CCC SUCCESS
7530 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\Driver SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7531 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\Driver\*.txt NO SUCH FILE Filter: *.txt
7532 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\Driver SUCCESS
7534 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\SBDrv SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7535 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\SBDrv\*.txt NO SUCH FILE Filter: *.txt
7536 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\SBDrv SUCCESS
7538 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\WDM_ALL SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7539 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\WDM_ALL\*.txt NO SUCH FILE Filter: *.txt
7541 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-2_xp_dd_ccc_wdm_enu_41238\WDM_ALL SUCCESS
7543 11:02.5 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7544 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443\* SUCCESS "Filter: *, 1: ."
7545 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443 SUCCESS "0: .., 1: Driver"
7546 11:02.5 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443 NO MORE FILES
7547 11:02.5 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443 SUCCESS
7549 11:02.6 Explorer.EXE 184 CreateFile C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443\Driver SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7550 11:02.6 Explorer.EXE 184 QueryDirectory C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443\Driver\*.txt NO SUCH FILE Filter: *.txt
7551 11:02.6 Explorer.EXE 184 CloseFile C:\ATI\SUPPORT\7-9_xp32_dd_ccc_wdm_enu_52443\Driver SUCCESS
7553 11:02.6 Explorer.EXE 184 CreateFile C:\CanoScan SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7554 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\* SUCCESS "Filter: *, 1: ."
7555 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan SUCCESS "0: .., 1: CNQL50"
7556 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan NO MORE FILES
7557 11:02.6 Explorer.EXE 184 CloseFile C:\CanoScan SUCCESS
7559 11:02.6 Explorer.EXE 184 CreateFile C:\CanoScan\CNQL50 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7560 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\* SUCCESS "Filter: *, 1: ."
7561 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50 SUCCESS "0: .., 1: CNQL50, 2: CNQL50.CAT, 3: CNQSG71"
7562 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50 NO MORE FILES
7563 11:02.6 Explorer.EXE 184 CloseFile C:\CanoScan\CNQL50 SUCCESS
7565 11:02.6 Explorer.EXE 184 CreateFile C:\CanoScan\CNQL50\CNQL50 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7566 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQL50\* SUCCESS "Filter: *, 1: ."
7567 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQL50 SUCCESS "0: .., 1: CNQL1208.DLL, 2: CNQL50.DAT, 3: CNQL50C.DAT, 4: CNQL50R.DAT, 5: CNS12N.ICC"
7568 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQL50 NO MORE FILES
7569 11:02.6 Explorer.EXE 184 CloseFile C:\CanoScan\CNQL50\CNQL50 SUCCESS
7571 11:02.6 Explorer.EXE 184 CreateFile C:\CanoScan\CNQL50\CNQSG71 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7572 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQSG71\* SUCCESS "Filter: *, 1: ."
7574 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQSG71 SUCCESS "0: .., 1: CANOIT32.EXE, 2: CISDS.DS, 3: CNQU71.DLL, 4: CNZ005.ICC, 5: CSUI.DLL, 6: CSUI_RES.DLL, 7: DEV.DLL, 8: IMGENH.DLL, 9: IOP.DLL, 10: ITLIB32.DLL, 11: JDA_CIMG.DLL, 12: MSVCRT.DLL, 13: NBS4MB.DLL, 14: NBSCOR4M.DLL, 15: RMSLANTC.DLL, 16: SCANINTF.DLL, 17: SCRPRMV.DLL, 18: SGUI.DLL, 19: TPM.DLL, 20: TWAIN.DLL, 21: TWAIN_32.DLL, 22: TWUNK_16.EXE, 23: TWUNK_32.EXE, 24: UCS32P.DLL"
7575 11:02.6 Explorer.EXE 184 QueryDirectory C:\CanoScan\CNQL50\CNQSG71 NO MORE FILES
7576 11:02.6 Explorer.EXE 184 CloseFile C:\CanoScan\CNQL50\CNQSG71 SUCCESS
7578 11:02.6 Explorer.EXE 184 CreateFile C:\DELL SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7579 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\* SUCCESS "Filter: *, 1: ."
7580 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL SUCCESS "0: .., 1: drivers, 2: ModemCD, 3: Thumbs.db"
7581 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL NO MORE FILES
7582 11:02.6 Explorer.EXE 184 CloseFile C:\DELL SUCCESS
7584 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7585 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\* SUCCESS "Filter: *, 1: ."
7586 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers SUCCESS "0: .., 1: R119713, 2: R119717, 3: R78500, 4: R87461, 5: R92022, 6: R94481"
7587 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers NO MORE FILES
7588 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers SUCCESS
7590 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119713 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7591 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713\* SUCCESS "Filter: *, 1: ."
7592 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713 SUCCESS "0: .., 1: AtiCim.bin, 2: AtiCimUn.exe, 3: BIN, 4: CheckVer.exe, 5: CPanel, 6: data1.cab, 7: data1.hdr, 8: data2.cab, 9: Driver, 10: DrvUI64A.exe, 11: ikernel.ex_, 12: INSTALL.INI, 13: issetup.exe, 14: layout.bin, 15: psapi.dll, 16: Setup.exe, 17: SETUP.INI, 18: setup.inx, 19: Version.txt"
7593 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119713\Version.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7595 11:02.6 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R119713\Version.txt SUCCESS
7596 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119713\Version.txt SUCCESS
7598 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713 NO MORE FILES
7599 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119713 SUCCESS
7601 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119713\BIN SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7602 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713\BIN\*.txt NO SUCH FILE Filter: *.txt
7604 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119713\BIN SUCCESS
7606 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119713\CPanel SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7607 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713\CPanel\*.txt NO SUCH FILE Filter: *.txt
7609 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119713\CPanel SUCCESS
7611 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119713\Driver SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7612 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119713\Driver\*.txt NO SUCH FILE Filter: *.txt
7613 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119713\Driver SUCCESS
7615 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119717 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7616 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717\* SUCCESS "Filter: *, 1: ."
7617 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717 SUCCESS "0: .., 1: AtiCim.bin, 2: AtiCimUn.exe, 3: BIN, 4: CheckVer.exe, 5: CPanel, 6: data1.cab, 7: data1.hdr, 8: data2.cab, 9: Driver, 10: DrvUI64A.exe, 11: ikernel.ex_, 12: INSTALL.INI, 13: issetup.exe, 14: layout.bin, 15: psapi.dll, 16: Setup.exe, 17: SETUP.INI, 18: setup.inx, 19: Version.txt"
7618 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119717\Version.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7619 11:02.6 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R119717\Version.txt SUCCESS
7620 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119717\Version.txt SUCCESS
7622 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717 NO MORE FILES
7623 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119717 SUCCESS
7625 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119717\BIN SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7626 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717\BIN\*.txt NO SUCH FILE Filter: *.txt
7628 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119717\BIN SUCCESS
7630 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119717\CPanel SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7631 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717\CPanel\*.txt NO SUCH FILE Filter: *.txt
7633 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119717\CPanel SUCCESS
7635 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R119717\Driver SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7636 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R119717\Driver\*.txt NO SUCH FILE Filter: *.txt
7637 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R119717\Driver SUCCESS
7639 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R78500 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7640 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R78500\* SUCCESS "Filter: *, 1: ."
7642 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R78500 SUCCESS "0: .., 1: BInstDll.dll, 2: setup.exe, 3: setup.iss, 4: unin3x.iss, 5: unin5x.iss, 6: unin7x.iss, 7: Version.txt"
7643 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R78500\Version.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7644 11:02.6 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R78500\Version.txt SUCCESS
7645 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R78500\Version.txt SUCCESS
7647 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R78500 NO MORE FILES
7648 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R78500 SUCCESS
7650 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7651 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461\* SUCCESS "Filter: *, 1: ."
7653 11:02.6 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461 SUCCESS "0: .., 1: BInstDll.dll, 2: DOS, 3: readme.txt, 4: setup.exe, 5: setup.iss, 6: uninst.iss, 7: Version.txt, 8: Win2K, 9: WinXP"
7654 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461\readme.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7655 11:02.6 Explorer.EXE 184 ReadFile C:\$Directory SUCCESS "Offset: 4,300,800, Length: 4,096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
7656 11:02.6 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R87461\readme.txt SUCCESS
7657 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461\readme.txt SUCCESS
7659 11:02.6 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461\Version.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7660 11:02.6 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R87461\Version.txt SUCCESS
7661 11:02.6 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461\Version.txt SUCCESS
7663 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461 NO MORE FILES
7664 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461 SUCCESS
7666 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461\DOS SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7667 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461\DOS\*.txt NO SUCH FILE Filter: *.txt
7668 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461\DOS SUCCESS
7670 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461\Win2K SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7671 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461\Win2K\*.txt NO SUCH FILE Filter: *.txt
7672 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461\Win2K SUCCESS
7674 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R87461\WinXP SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7675 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R87461\WinXP\*.txt NO SUCH FILE Filter: *.txt
7676 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R87461\WinXP SUCCESS
7678 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R92022 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7679 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R92022\* SUCCESS "Filter: *, 1: ."
7680 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R92022 SUCCESS "0: .., 1: setup.exe"
7681 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R92022 NO MORE FILES
7682 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R92022 SUCCESS
7684 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7685 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481\* SUCCESS "Filter: *, 1: ."
7686 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481 SUCCESS "0: .., 1: AEEnable.exe, 2: CPApp.ico, 3: data.tag, 4: data1.cab, 5: data1.hdr, 6: data2.cab, 7: DevInst.dll, 8: engine32.cab, 9: layout.bin, 10: platform.bin, 11: readme.txt, 12: setup.exe, 13: setup.ibt, 14: setup.ini, 15: setup.inx, 16: setup.iss, 17: SMax3CP.ico, 18: SMAXWDM, 19: SM_Sensa, 20: Sys, 21: Version.txt, 22: win256_3.bmp"
7687 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481\readme.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7689 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R94481\readme.txt SUCCESS
7690 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481\readme.txt SUCCESS
7692 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481\Version.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7694 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\drivers\R94481\Version.txt SUCCESS
7695 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481\Version.txt SUCCESS
7697 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481 NO MORE FILES
7698 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481 SUCCESS
7700 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481\SMAXWDM SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7701 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481\SMAXWDM\*.txt NO SUCH FILE Filter: *.txt
7702 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481\SMAXWDM SUCCESS
7704 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481\SM_Sensa SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7705 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481\SM_Sensa\*.txt NO SUCH FILE Filter: *.txt
7706 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481\SM_Sensa SUCCESS
7708 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\drivers\R94481\Sys SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7709 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\drivers\R94481\Sys\*.txt NO SUCH FILE Filter: *.txt
7710 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\drivers\R94481\Sys SUCCESS
7712 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\ModemCD SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7713 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\ModemCD\* SUCCESS "Filter: *, 1: ."
7715 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\ModemCD SUCCESS "0: .., 1: Default.htm, 2: language.txt, 3: mdmlist.txt, 4: MDM_Util.js, 5: MDM_Util.log, 6: Model.tmp, 7: PCIScan.txt, 8: REGScan.txt, 9: Template.htm"
7716 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\ModemCD\language.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7717 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\ModemCD\language.txt SUCCESS
7718 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\ModemCD\language.txt SUCCESS
7720 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\ModemCD\mdmlist.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7722 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\ModemCD\mdmlist.txt SUCCESS
7723 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\ModemCD\mdmlist.txt SUCCESS
7725 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\ModemCD\PCIScan.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7726 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\ModemCD\PCIScan.txt SUCCESS
7727 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\ModemCD\PCIScan.txt SUCCESS
7729 11:02.7 Explorer.EXE 184 CreateFile C:\DELL\ModemCD\REGScan.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
7730 11:02.7 Explorer.EXE 184 QueryCompressionInformationFile C:\DELL\ModemCD\REGScan.txt SUCCESS
7731 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\ModemCD\REGScan.txt SUCCESS
7733 11:02.7 Explorer.EXE 184 QueryDirectory C:\DELL\ModemCD NO MORE FILES
7734 11:02.7 Explorer.EXE 184 CloseFile C:\DELL\ModemCD SUCCESS
7736 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7737 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\* SUCCESS "Filter: *, 1: ."
7738 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings SUCCESS "0: .., 1: Administrator, 2: All Users, 3: All Users.WINDOWS, 4: Default User, 5: Default User.WINDOWS, 6: Henry.HEJIA, 7: LocalService, 8: LocalService.NT AUTHORITY, 9: LocalService.NT AUTHORITY.000, 10: Mingyi.LOG, 11: NetworkService, 12: NetworkService.NT AUTHORITY, 13: NetworkService.NT AUTHORITY.000"
7739 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings NO MORE FILES
7740 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings SUCCESS
7742 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7743 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\* SUCCESS "Filter: *, 1: ."
7744 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator SUCCESS "0: .., 1: Application Data, 2: Cookies, 3: Desktop, 4: Favorites, 5: Local Settings, 6: My Documents, 7: NetHood, 8: NTUSER.DAT, 9: ntuser.dat.LOG, 10: ntuser.ini, 11: PrintHood, 12: Recent, 13: SendTo, 14: Start Menu, 15: Templates"
7745 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator NO MORE FILES
7746 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator SUCCESS
7748 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7749 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Application Data\* SUCCESS "Filter: *, 1: ."
7750 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Application Data SUCCESS "0: .., 1: desktop.ini, 2: Microsoft"
7751 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Application Data NO MORE FILES
7752 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Application Data SUCCESS
7754 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7755 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
7757 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Application Data\Microsoft SUCCESS
7759 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Cookies SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7760 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Cookies\* SUCCESS "Filter: *, 1: ."
7761 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Cookies SUCCESS "0: .., 1: index.dat"
7762 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Cookies NO MORE FILES
7763 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Cookies SUCCESS
7765 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7766 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Desktop\* SUCCESS "Filter: *, 1: ."
7767 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Desktop SUCCESS 0: ..
7768 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Desktop NO MORE FILES
7769 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Desktop SUCCESS
7771 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7772 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Favorites\* SUCCESS "Filter: *, 1: ."
7773 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Favorites SUCCESS 0: ..
7774 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Favorites NO MORE FILES
7775 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Favorites SUCCESS
7777 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Local Settings SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7778 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings\* SUCCESS "Filter: *, 1: ."
7779 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings SUCCESS "0: .., 1: Application Data, 2: desktop.ini, 3: History, 4: Temp, 5: Temporary Internet Files"
7780 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings NO MORE FILES
7781 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Local Settings SUCCESS
7783 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Local Settings\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7784 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings\Application Data\*.txt NO SUCH FILE Filter: *.txt
7785 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Local Settings\Application Data SUCCESS
7787 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Local Settings\History SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7788 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings\History\*.txt NO SUCH FILE Filter: *.txt
7789 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Local Settings\History SUCCESS
7791 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Local Settings\Temp SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7792 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings\Temp\*.txt NO SUCH FILE Filter: *.txt
7793 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Local Settings\Temp SUCCESS
7795 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7796 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\*.txt NO SUCH FILE Filter: *.txt
7797 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files SUCCESS
7799 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\My Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7800 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\My Documents\* SUCCESS "Filter: *, 1: ."
7801 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\My Documents SUCCESS 0: ..
7802 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\My Documents NO MORE FILES
7803 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\My Documents SUCCESS
7805 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\NetHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7806 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\NetHood\* SUCCESS "Filter: *, 1: ."
7807 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\NetHood SUCCESS 0: ..
7808 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\NetHood NO MORE FILES
7809 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\NetHood SUCCESS
7811 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\PrintHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7812 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\PrintHood\* SUCCESS "Filter: *, 1: ."
7813 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\PrintHood SUCCESS 0: ..
7814 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\PrintHood NO MORE FILES
7815 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\PrintHood SUCCESS
7817 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Recent SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7818 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Recent\* SUCCESS "Filter: *, 1: ."
7819 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Recent SUCCESS 0: ..
7820 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Recent NO MORE FILES
7821 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Recent SUCCESS
7823 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\SendTo SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7824 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\SendTo\* SUCCESS "Filter: *, 1: ."
7826 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\SendTo SUCCESS "0: .., 1: Compressed (zipped) Folder.ZFSendToTarget, 2: Desktop (create shortcut).DeskLink, 3: desktop.ini, 4: Mail Recipient.MAPIMail"
7827 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\SendTo NO MORE FILES
7828 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\SendTo SUCCESS
7830 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Start Menu SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7831 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Start Menu\* SUCCESS "Filter: *, 1: ."
7832 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Start Menu SUCCESS "0: .., 1: desktop.ini, 2: Programs"
7833 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Start Menu NO MORE FILES
7834 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Start Menu SUCCESS
7836 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Start Menu\Programs SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7837 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Start Menu\Programs\*.txt NO SUCH FILE Filter: *.txt
7838 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Start Menu\Programs SUCCESS
7840 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Administrator\Templates SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7841 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Templates\* SUCCESS "Filter: *, 1: ."
7843 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Templates SUCCESS "0: .., 1: amipro.sam, 2: excel.xls, 3: excel4.xls, 4: lotus.wk4, 5: powerpnt.ppt, 6: presenta.shw, 7: quattro.wb2, 8: sndrec.wav, 9: winword.doc, 10: winword2.doc, 11: wordpfct.wpd, 12: wordpfct.wpg"
7844 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Administrator\Templates NO MORE FILES
7845 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\Administrator\Templates SUCCESS
7847 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7848 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\* SUCCESS "Filter: *, 1: ."
7849 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users SUCCESS "0: .., 1: Application Data, 2: Desktop, 3: Documents, 4: DRM, 5: Favorites, 6: ntuser.dat, 7: ntuser.dat.LOG, 8: Start Menu, 9: Templates"
7850 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users NO MORE FILES
7851 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users SUCCESS
7853 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7854 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\* SUCCESS "Filter: *, 1: ."
7855 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data SUCCESS "0: .., 1: Apple Computer, 2: avg7, 3: Avg7(2), 4: desktop.ini, 5: Google, 6: Grisoft, 7: Grisoft(2), 8: Microsoft, 9: Microsoft Help, 10: pdf995, 11: QTSBandwidthCache, 12: Symantec, 13: Windows Genuine Advantage"
7856 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data NO MORE FILES
7857 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data SUCCESS
7859 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Apple Computer SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7860 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Apple Computer\*.txt NO SUCH FILE Filter: *.txt
7861 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Apple Computer SUCCESS
7863 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\avg7 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7864 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\avg7\*.txt NO SUCH FILE Filter: *.txt
7866 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\avg7 SUCCESS
7868 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Avg7(2) SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7869 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Avg7(2)\*.txt NO SUCH FILE Filter: *.txt
7871 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Avg7(2) SUCCESS
7873 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Google SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7874 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Google\*.txt NO SUCH FILE Filter: *.txt
7875 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Google SUCCESS
7877 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Grisoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7878 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Grisoft\*.txt NO SUCH FILE Filter: *.txt
7879 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Grisoft SUCCESS
7881 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Grisoft(2) SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7882 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Grisoft(2)\*.txt NO SUCH FILE Filter: *.txt
7883 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Grisoft(2) SUCCESS
7885 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7886 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
7887 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Microsoft SUCCESS
7889 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Microsoft Help SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7890 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Microsoft Help\*.txt NO SUCH FILE Filter: *.txt
7892 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Microsoft Help SUCCESS
7894 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\pdf995 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7895 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\pdf995\*.txt NO SUCH FILE Filter: *.txt
7896 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\pdf995 SUCCESS
7898 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Symantec SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7899 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Symantec\*.txt NO SUCH FILE Filter: *.txt
7900 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Symantec SUCCESS
7902 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7903 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage\*.txt NO SUCH FILE Filter: *.txt
7904 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage SUCCESS
7906 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7907 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Desktop\* SUCCESS "Filter: *, 1: ."
7908 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Desktop SUCCESS "0: .., 1: AVG Anti-Spyware.lnk, 2: AVG Free.lnk, 3: BitTorrent.lnk, 4: Civilization 4.lnk, 5: DeductionPro 2006.lnk, 6: Dell Printer Supplies - Inkjet.lnk, 7: DivX Player.lnk, 8: Executive Software Diskeeper.lnk, 9: Freelancer.lnk, 10: Google Earth.lnk, 11: Medieval II Total War.lnk, 12: Mozilla Firefox.lnk, 13: Neverwinter Nights.lnk, 14: Oblivion.lnk, 15: QuickTime Player.lnk, 16: TES Construction Set (Oblivion).lnk, 17: The Sims 2.lnk, 18: Xfire.lnk"
7909 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Desktop NO MORE FILES
7910 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Desktop SUCCESS
7912 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7913 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents\* SUCCESS "Filter: *, 1: ."
7914 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents SUCCESS "0: .., 1: desktop.ini, 2: My Music, 3: My Pictures, 4: My Videos"
7915 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents NO MORE FILES
7916 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Documents SUCCESS
7918 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Documents\My Music SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7919 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents\My Music\*.txt NO SUCH FILE Filter: *.txt
7920 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Documents\My Music SUCCESS
7922 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Documents\My Pictures SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7923 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents\My Pictures\*.txt NO SUCH FILE Filter: *.txt
7924 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Documents\My Pictures SUCCESS
7926 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Documents\My Videos SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7927 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Documents\My Videos\*.txt NO SUCH FILE Filter: *.txt
7928 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Documents\My Videos SUCCESS
7930 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7931 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Favorites\* SUCCESS "Filter: *, 1: ."
7932 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Favorites SUCCESS 0: ..
7933 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Favorites NO MORE FILES
7934 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Favorites SUCCESS
7936 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Start Menu SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7937 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Start Menu\* SUCCESS "Filter: *, 1: ."
7938 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Start Menu SUCCESS "0: .., 1: desktop.ini, 2: New Office Document.lnk, 3: Open Office Document.lnk, 4: Programs, 5: Set Program Access and Defaults.lnk, 6: Windows Catalog.lnk, 7: Windows Update.lnk"
7939 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Start Menu NO MORE FILES
7940 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Start Menu SUCCESS
7942 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Start Menu\Programs SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7943 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Start Menu\Programs\*.txt NO SUCH FILE Filter: *.txt
7944 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Start Menu\Programs SUCCESS
7946 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users\Templates SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7947 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Templates\* SUCCESS "Filter: *, 1: ."
7948 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Templates SUCCESS 0: ..
7949 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users\Templates NO MORE FILES
7950 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users\Templates SUCCESS
7952 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7953 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\* SUCCESS "Filter: *, 1: ."
7954 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS SUCCESS "0: .., 1: Application Data, 2: Desktop, 3: Documents, 4: DRM, 5: Favorites, 6: ntuser.dat, 7: ntuser.dat.LOG, 8: Start Menu, 9: Templates"
7955 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS NO MORE FILES
7956 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS SUCCESS
7958 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7959 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\* SUCCESS "Filter: *, 1: ."
7960 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data SUCCESS "0: .., 1: Adobe, 2: Apple, 3: avg7, 4: CanonBJ, 5: desktop.ini, 6: Diskeeper Corporation, 7: Google, 8: great coal love default, 9: Grisoft, 10: InstallShield, 11: Lavasoft, 12: MailFrontier, 13: Microsoft, 14: QTSBandwidthCache, 15: ScanSoft, 16: SimCity Societies, 17: Spybot - Search & Destroy, 18: Support.com, 19: Trymedia, 20: Windows Genuine Advantage"
7961 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data NO MORE FILES
7962 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data SUCCESS
7964 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7965 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe\*.txt NO SUCH FILE Filter: *.txt
7966 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe SUCCESS
7968 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7969 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple\*.txt NO SUCH FILE Filter: *.txt
7970 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple SUCCESS
7972 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7973 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7\*.txt NO SUCH FILE Filter: *.txt
7974 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\avg7 SUCCESS
7976 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7977 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ\*.txt NO SUCH FILE Filter: *.txt
7978 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\CanonBJ SUCCESS
7980 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7981 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation\*.txt NO SUCH FILE Filter: *.txt
7982 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Diskeeper Corporation SUCCESS
7984 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Google SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7985 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Google\*.txt NO SUCH FILE Filter: *.txt
7986 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Google SUCCESS
7988 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\great coal love default SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7989 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\great coal love default\*.txt NO SUCH FILE Filter: *.txt
7990 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\great coal love default SUCCESS
7992 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7993 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft\*.txt NO SUCH FILE Filter: *.txt
7994 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft SUCCESS
7996 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
7997 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield\*.txt NO SUCH FILE Filter: *.txt
7998 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\InstallShield SUCCESS
8000 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8001 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft\*.txt NO SUCH FILE Filter: *.txt
8002 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft SUCCESS
8004 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8005 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier\*.txt NO SUCH FILE Filter: *.txt
8006 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier SUCCESS
8008 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8009 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
8010 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft SUCCESS
8012 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8013 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft\*.txt NO SUCH FILE Filter: *.txt
8014 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft SUCCESS
8016 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\SimCity Societies SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8017 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\SimCity Societies\*.txt NO SUCH FILE Filter: *.txt
8018 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\SimCity Societies SUCCESS
8020 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8021 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\*.txt NO SUCH FILE Filter: *.txt
8022 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy SUCCESS
8024 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Support.com SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8025 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Support.com\*.txt NO SUCH FILE Filter: *.txt
8026 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Support.com SUCCESS
8028 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8029 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia\*.txt NO SUCH FILE Filter: *.txt
8030 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Trymedia SUCCESS
8032 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8033 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage\*.txt NO SUCH FILE Filter: *.txt
8034 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage SUCCESS
8036 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8037 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Desktop\* SUCCESS "Filter: *, 1: ."
8038 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Desktop SUCCESS "0: .., 1: ATMA V.lnk, 2: Executive Software Diskeeper.lnk, 3: hamachi.lnk, 4: Ventrilo.lnk, 5: X3 Reunion.lnk"
8039 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Desktop NO MORE FILES
8040 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Desktop SUCCESS
8042 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8043 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Documents\* SUCCESS "Filter: *, 1: ."
8044 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Documents SUCCESS "0: .., 1: desktop.ini, 2: My Music, 3: My Pictures"
8045 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Documents NO MORE FILES
8046 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Documents SUCCESS
8048 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Documents\My Music SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8049 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Documents\My Music\*.txt NO SUCH FILE Filter: *.txt
8050 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Documents\My Music SUCCESS
8052 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8053 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures\*.txt NO SUCH FILE Filter: *.txt
8054 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Documents\My Pictures SUCCESS
8056 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8057 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Favorites\* SUCCESS "Filter: *, 1: ."
8058 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Favorites SUCCESS 0: ..
8059 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Favorites NO MORE FILES
8060 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Favorites SUCCESS
8062 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Start Menu SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8063 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Start Menu\* SUCCESS "Filter: *, 1: ."
8064 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Start Menu SUCCESS "0: .., 1: desktop.ini, 2: New Office Document.lnk, 3: Open Office Document.lnk, 4: Programs, 5: Set Program Access and Defaults.lnk, 6: Windows Catalog.lnk, 7: Windows Update.lnk"
8065 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Start Menu NO MORE FILES
8066 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Start Menu SUCCESS
8068 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8069 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\*.txt NO SUCH FILE Filter: *.txt
8070 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs SUCCESS
8072 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\All Users.WINDOWS\Templates SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8073 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Templates\* SUCCESS "Filter: *, 1: ."
8074 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Templates SUCCESS 0: ..
8075 11:02.7 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\All Users.WINDOWS\Templates NO MORE FILES
8076 11:02.7 Explorer.EXE 184 CloseFile C:\Documents and Settings\All Users.WINDOWS\Templates SUCCESS
8078 11:02.7 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8079 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\* SUCCESS "Filter: *, 1: ."
8080 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User SUCCESS "0: .., 1: Application Data, 2: Cookies, 3: Desktop, 4: Favorites, 5: Local Settings, 6: My Documents, 7: NetHood, 8: NTUSER.DAT, 9: ntuser.dat.LOG, 10: PrintHood, 11: Recent, 12: SendTo, 13: Start Menu, 14: Templates"
8081 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User NO MORE FILES
8082 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User SUCCESS
8084 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8085 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Application Data\* SUCCESS "Filter: *, 1: ."
8086 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Application Data SUCCESS "0: .., 1: desktop.ini, 2: Microsoft"
8087 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Application Data NO MORE FILES
8088 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Application Data SUCCESS
8090 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8091 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
8093 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Application Data\Microsoft SUCCESS
8095 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Cookies SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8096 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Cookies\* SUCCESS "Filter: *, 1: ."
8097 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Cookies SUCCESS "0: .., 1: index.dat"
8098 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Cookies NO MORE FILES
8099 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Cookies SUCCESS
8101 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8102 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Desktop\* SUCCESS "Filter: *, 1: ."
8103 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Desktop SUCCESS 0: ..
8104 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Desktop NO MORE FILES
8105 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Desktop SUCCESS
8107 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8108 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Favorites\* SUCCESS "Filter: *, 1: ."
8109 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Favorites SUCCESS 0: ..
8110 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Favorites NO MORE FILES
8111 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Favorites SUCCESS
8113 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Local Settings SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8114 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings\* SUCCESS "Filter: *, 1: ."
8115 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings SUCCESS "0: .., 1: Application Data, 2: desktop.ini, 3: History, 4: Temp, 5: Temporary Internet Files"
8116 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings NO MORE FILES
8117 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Local Settings SUCCESS
8119 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Local Settings\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8120 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings\Application Data\*.txt NO SUCH FILE Filter: *.txt
8121 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Local Settings\Application Data SUCCESS
8123 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Local Settings\History SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8124 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings\History\*.txt NO SUCH FILE Filter: *.txt
8125 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Local Settings\History SUCCESS
8127 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Local Settings\Temp SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8128 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings\Temp\*.txt NO SUCH FILE Filter: *.txt
8129 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Local Settings\Temp SUCCESS
8131 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8132 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\*.txt NO SUCH FILE Filter: *.txt
8133 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files SUCCESS
8135 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\My Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8136 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\My Documents\* SUCCESS "Filter: *, 1: ."
8137 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\My Documents SUCCESS 0: ..
8138 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\My Documents NO MORE FILES
8139 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\My Documents SUCCESS
8141 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\NetHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8142 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\NetHood\* SUCCESS "Filter: *, 1: ."
8143 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\NetHood SUCCESS 0: ..
8144 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\NetHood NO MORE FILES
8145 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\NetHood SUCCESS
8147 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\PrintHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8148 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\PrintHood\* SUCCESS "Filter: *, 1: ."
8149 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\PrintHood SUCCESS 0: ..
8150 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\PrintHood NO MORE FILES
8151 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\PrintHood SUCCESS
8153 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Recent SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8154 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Recent\* SUCCESS "Filter: *, 1: ."
8155 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Recent SUCCESS 0: ..
8156 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Recent NO MORE FILES
8157 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Recent SUCCESS
8159 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\SendTo SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8160 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\SendTo\* SUCCESS "Filter: *, 1: ."
8162 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\SendTo SUCCESS "0: .., 1: Compressed (zipped) Folder.ZFSendToTarget, 2: Desktop (create shortcut).DeskLink, 3: desktop.ini, 4: Mail Recipient.MAPIMail"
8163 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\SendTo NO MORE FILES
8164 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\SendTo SUCCESS
8166 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Start Menu SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8167 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Start Menu\* SUCCESS "Filter: *, 1: ."
8168 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Start Menu SUCCESS "0: .., 1: desktop.ini, 2: Programs"
8169 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Start Menu NO MORE FILES
8170 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Start Menu SUCCESS
8172 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Start Menu\Programs SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8173 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Start Menu\Programs\*.txt NO SUCH FILE Filter: *.txt
8174 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Start Menu\Programs SUCCESS
8176 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User\Templates SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8177 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Templates\* SUCCESS "Filter: *, 1: ."
8179 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Templates SUCCESS "0: .., 1: amipro.sam, 2: excel.xls, 3: excel4.xls, 4: lotus.wk4, 5: powerpnt.ppt, 6: presenta.shw, 7: quattro.wb2, 8: sndrec.wav, 9: winword.doc, 10: winword2.doc, 11: wordpfct.wpd, 12: wordpfct.wpg"
8180 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User\Templates NO MORE FILES
8181 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User\Templates SUCCESS
8183 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8184 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\* SUCCESS "Filter: *, 1: ."
8185 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS SUCCESS "0: .., 1: Application Data, 2: Cookies, 3: Desktop, 4: Favorites, 5: Local Settings, 6: My Documents, 7: NetHood, 8: NTUSER.DAT, 9: ntuser.dat.LOG, 10: PrintHood, 11: Recent, 12: SendTo, 13: Start Menu, 14: Templates"
8186 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS NO MORE FILES
8187 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS SUCCESS
8189 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8190 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Application Data\* SUCCESS "Filter: *, 1: ."
8191 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Application Data SUCCESS "0: .., 1: desktop.ini, 2: Microsoft"
8192 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Application Data NO MORE FILES
8193 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Application Data SUCCESS
8195 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8196 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
8197 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Application Data\Microsoft SUCCESS
8199 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Cookies SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8200 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Cookies\* SUCCESS "Filter: *, 1: ."
8201 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Cookies SUCCESS "0: .., 1: index.dat"
8202 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Cookies NO MORE FILES
8203 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Cookies SUCCESS
8205 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8206 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Desktop\* SUCCESS "Filter: *, 1: ."
8207 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Desktop SUCCESS 0: ..
8208 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Desktop NO MORE FILES
8209 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Desktop SUCCESS
8211 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8212 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Favorites\* SUCCESS "Filter: *, 1: ."
8213 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Favorites SUCCESS 0: ..
8214 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Favorites NO MORE FILES
8215 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Favorites SUCCESS
8217 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Local Settings SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8218 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings\* SUCCESS "Filter: *, 1: ."
8219 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings SUCCESS "0: .., 1: Application Data, 2: desktop.ini, 3: History, 4: Temp, 5: Temporary Internet Files"
8220 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings NO MORE FILES
8221 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Local Settings SUCCESS
8223 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8224 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings\Application Data\*.txt NO SUCH FILE Filter: *.txt
8225 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Application Data SUCCESS
8227 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\History SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8228 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings\History\*.txt NO SUCH FILE Filter: *.txt
8229 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\History SUCCESS
8231 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temp SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8232 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temp\*.txt NO SUCH FILE Filter: *.txt
8233 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temp SUCCESS
8235 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temporary Internet Files SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8236 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temporary Internet Files\*.txt NO SUCH FILE Filter: *.txt
8237 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Local Settings\Temporary Internet Files SUCCESS
8239 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\My Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8240 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\My Documents\* SUCCESS "Filter: *, 1: ."
8241 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\My Documents SUCCESS 0: ..
8242 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\My Documents NO MORE FILES
8243 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\My Documents SUCCESS
8245 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\NetHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8246 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\NetHood\* SUCCESS "Filter: *, 1: ."
8247 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\NetHood SUCCESS 0: ..
8248 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\NetHood NO MORE FILES
8249 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\NetHood SUCCESS
8251 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\PrintHood SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8252 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\PrintHood\* SUCCESS "Filter: *, 1: ."
8253 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\PrintHood SUCCESS 0: ..
8254 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\PrintHood NO MORE FILES
8255 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\PrintHood SUCCESS
8257 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Recent SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8258 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Recent\* SUCCESS "Filter: *, 1: ."
8259 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Recent SUCCESS 0: ..
8260 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Recent NO MORE FILES
8261 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Recent SUCCESS
8263 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\SendTo SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8264 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\SendTo\* SUCCESS "Filter: *, 1: ."
8266 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\SendTo SUCCESS "0: .., 1: Compressed (zipped) Folder.ZFSendToTarget, 2: Desktop (create shortcut).DeskLink, 3: desktop.ini, 4: Mail Recipient.MAPIMail"
8267 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\SendTo NO MORE FILES
8268 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\SendTo SUCCESS
8270 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Start Menu SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8271 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Start Menu\* SUCCESS "Filter: *, 1: ."
8272 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Start Menu SUCCESS "0: .., 1: desktop.ini, 2: Programs"
8273 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Start Menu NO MORE FILES
8274 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Start Menu SUCCESS
8276 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Start Menu\Programs SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8277 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Start Menu\Programs\*.txt NO SUCH FILE Filter: *.txt
8278 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Start Menu\Programs SUCCESS
8280 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Default User.WINDOWS\Templates SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8281 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Templates\* SUCCESS "Filter: *, 1: ."
8283 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Templates SUCCESS "0: .., 1: amipro.sam, 2: excel.xls, 3: excel4.xls, 4: lotus.wk4, 5: powerpnt.ppt, 6: presenta.shw, 7: quattro.wb2, 8: sndrec.wav, 9: winword.doc, 10: winword2.doc, 11: wordpfct.wpd, 12: wordpfct.wpg"
8284 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Default User.WINDOWS\Templates NO MORE FILES
8285 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Default User.WINDOWS\Templates SUCCESS
8287 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8288 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\* SUCCESS "Filter: *, 1: ."
8289 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA SUCCESS "0: .., 1: Application Data, 2: Cookies, 3: Desktop, 4: Favorites, 5: Local Settings, 6: My Documents, 7: NetHood, 8: NTUSER.DAT, 9: ntuser.dat.LOG, 10: ntuser.ini, 11: output.txt, 12: PrintHood, 13: Recent, 14: SendTo, 15: sfa.txt, 16: Start Menu, 17: Templates, 18: UserData, 19: win.test, 20: WINDOWS"
8290 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\output.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
8291 11:02.8 Explorer.EXE 184 ReadFile C:\$Directory SUCCESS "Offset: 12,689,408, Length: 4,096, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O"
8292 11:02.8 Explorer.EXE 184 QueryCompressionInformationFile C:\Documents and Settings\Henry.HEJIA\output.txt SUCCESS
8293 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\output.txt SUCCESS
8295 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\sfa.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
8296 11:02.8 Explorer.EXE 184 QueryCompressionInformationFile C:\Documents and Settings\Henry.HEJIA\sfa.txt SUCCESS
8297 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\sfa.txt SUCCESS
8299 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA NO MORE FILES
8300 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA SUCCESS
8302 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8303 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\* SUCCESS "Filter: *, 1: ."
8304 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data SUCCESS "0: .., 1: Adobe, 2: Apple Computer, 3: ATI, 4: AVG7, 5: Bioshock, 6: Canon, 7: CyberLink, 8: DAEMON Tools Pro, 9: desktop.ini, 10: DivX, 11: GetRightToGo, 12: Google, 13: Hamachi, 14: Help, 15: Identities, 16: Leadertech, 17: Macromedia, 18: Microsoft, 19: Microsoft Web Folders, 20: Mozilla, 21: My Games, 22: Real, 23: ScanSoft, 24: SecuROM, 25: Sonic, 26: Sun, 27: Talkback, 28: U3, 29: uTorrent, 30: Ventrilo, 31: vlc, 32: WinRAR"
8305 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data NO MORE FILES
8306 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data SUCCESS
8308 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Adobe SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8309 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Adobe\*.txt NO SUCH FILE Filter: *.txt
8310 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Adobe SUCCESS
8312 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Apple Computer SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8313 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Apple Computer\*.txt NO SUCH FILE Filter: *.txt
8314 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Apple Computer SUCCESS
8316 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\ATI SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8317 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\ATI\*.txt NO SUCH FILE Filter: *.txt
8318 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\ATI SUCCESS
8320 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\AVG7 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8321 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\AVG7\*.txt NO SUCH FILE Filter: *.txt
8322 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\AVG7 SUCCESS
8324 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Bioshock SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8325 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Bioshock\*.txt NO SUCH FILE Filter: *.txt
8326 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Bioshock SUCCESS
8328 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Canon SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8329 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Canon\*.txt NO SUCH FILE Filter: *.txt
8330 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Canon SUCCESS
8332 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\CyberLink SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8333 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\CyberLink\*.txt NO SUCH FILE Filter: *.txt
8334 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\CyberLink SUCCESS
8336 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\DAEMON Tools Pro SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8337 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\DAEMON Tools Pro\*.txt NO SUCH FILE Filter: *.txt
8338 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\DAEMON Tools Pro SUCCESS
8340 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\DivX SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8341 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\DivX\*.txt NO SUCH FILE Filter: *.txt
8342 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\DivX SUCCESS
8344 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\GetRightToGo SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8345 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\GetRightToGo\*.txt NO SUCH FILE Filter: *.txt
8347 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\GetRightToGo SUCCESS
8349 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Google SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8350 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Google\*.txt NO SUCH FILE Filter: *.txt
8351 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Google SUCCESS
8353 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Hamachi SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8354 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Hamachi\*.txt NO SUCH FILE Filter: *.txt
8355 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Hamachi SUCCESS
8357 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Help SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8358 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Help\*.txt NO SUCH FILE Filter: *.txt
8359 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Help SUCCESS
8361 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Identities SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8362 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Identities\*.txt NO SUCH FILE Filter: *.txt
8363 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Identities SUCCESS
8365 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Leadertech SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8366 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Leadertech\*.txt NO SUCH FILE Filter: *.txt
8367 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Leadertech SUCCESS
8369 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Macromedia SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8370 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Macromedia\*.txt NO SUCH FILE Filter: *.txt
8371 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Macromedia SUCCESS
8373 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8374 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft\*.txt NO SUCH FILE Filter: *.txt
8375 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft SUCCESS
8377 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft Web Folders SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8378 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft Web Folders\*.txt NO SUCH FILE Filter: *.txt
8379 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Microsoft Web Folders SUCCESS
8381 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Mozilla SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8382 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Mozilla\*.txt NO SUCH FILE Filter: *.txt
8383 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Mozilla SUCCESS
8385 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\My Games SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8386 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\My Games\*.txt NO SUCH FILE Filter: *.txt
8387 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\My Games SUCCESS
8389 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Real SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8390 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Real\*.txt NO SUCH FILE Filter: *.txt
8391 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Real SUCCESS
8393 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\ScanSoft SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8394 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\ScanSoft\*.txt NO SUCH FILE Filter: *.txt
8395 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\ScanSoft SUCCESS
8397 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\SecuROM SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8398 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\SecuROM\*.txt NO SUCH FILE Filter: *.txt
8399 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\SecuROM SUCCESS
8401 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Sonic SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8402 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Sonic\*.txt NO SUCH FILE Filter: *.txt
8403 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Sonic SUCCESS
8405 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Sun SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8406 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Sun\*.txt NO SUCH FILE Filter: *.txt
8407 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Sun SUCCESS
8409 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Talkback SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8410 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Talkback\*.txt NO SUCH FILE Filter: *.txt
8411 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Talkback SUCCESS
8413 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\U3 SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8414 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\U3\*.txt NO SUCH FILE Filter: *.txt
8415 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\U3 SUCCESS
8417 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\uTorrent SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8418 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\uTorrent\*.txt NO SUCH FILE Filter: *.txt
8420 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\uTorrent SUCCESS
8422 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\Ventrilo SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8423 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\Ventrilo\*.txt NO SUCH FILE Filter: *.txt
8424 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\Ventrilo SUCCESS
8426 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\vlc SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8427 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\vlc\*.txt NO SUCH FILE Filter: *.txt
8428 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\vlc SUCCESS
8430 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Application Data\WinRAR SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8431 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Application Data\WinRAR\*.txt NO SUCH FILE Filter: *.txt
8432 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Application Data\WinRAR SUCCESS
8434 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Desktop SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8435 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Desktop\* SUCCESS "Filter: *, 1: ."
8436 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Desktop SUCCESS "0: .., 1: Connection.lnk, 2: Diablo II.lnk, 3: Freespace 2.lnk, 4: Homeworld2.lnk, 5: Internet Explorer.lnk, 6: Microsoft Word.lnk, 7: Mozilla Firefox.lnk, 8: Warcraft III The Frozen Throne.lnk, 9: WC3Banlist.lnk, 10: ?æTorrent.lnk"
8437 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Desktop NO MORE FILES
8438 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Desktop SUCCESS
8440 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Favorites SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8441 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Favorites\* SUCCESS "Filter: *, 1: ."
8442 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Favorites SUCCESS "0: .., 1: Desktop.ini, 2: Diablo 2 Forums - Powered by vBulletin.url, 3: DotA Allstars Discussion (Powered by Invision Power Board).url, 4: DXD League Forums.url, 5: Freewebs - xdeathfire.url, 6: Image hosting, free photo sharing & video sharing at Photobucket.url, 7: isoHunt - World's largest BitTorrent and P2P search engine.url, 8: Main Page - Wikipedia, the free encyclopedia.url, 9: SCI FI FORUMS - Stargate Atlantis.url, 10: Spanish Verb Conjugations.url, 11: The Arreat Summit - News.url, 12: The Guild - Powered by vBulletin.url, 13: Video Game Cheats - Video Game Reviews - Video Game Codes - Video Game Web Site - GameFAQs.url, 14: Weapon Speed Calculator.url, 15: Yahoo! Mail - The best web-based email!.url, 16: YouTube - Broadcast Yourself..url"
8443 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Favorites NO MORE FILES
8444 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Favorites SUCCESS
8446 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Local Settings SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8447 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings\* SUCCESS "Filter: *, 1: ."
8448 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings SUCCESS "0: .., 1: Application Data, 2: Apps, 3: desktop.ini, 4: History, 5: Temp, 6: Temporary Internet Files"
8449 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings NO MORE FILES
8450 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Local Settings SUCCESS
8452 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Application Data SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8453 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings\Application Data\*.txt NO SUCH FILE Filter: *.txt
8454 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Application Data SUCCESS
8456 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Apps SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8457 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings\Apps\*.txt NO SUCH FILE Filter: *.txt
8458 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Apps SUCCESS
8460 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8461 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp\*.txt SUCCESS "Filter: *.txt, 1: wecerr.txt"
8462 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp\wecerr.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
8463 11:02.8 Explorer.EXE 184 QueryCompressionInformationFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp\wecerr.txt SUCCESS
8464 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp\wecerr.txt SUCCESS
8466 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp NO MORE FILES
8467 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\Local Settings\Temp SUCCESS
8469 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
8470 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents\* SUCCESS "Filter: *, 1: ."
8471 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: .., 1: 1850-1920 chart.doc, 2: 2008%20Concerto%20Competition%20Letter.pdf, 3: 411 model.doc, 4: Act II Crucible.doc, 5: Act III Crucible.doc, 6: AP Essay Outline.doc, 7: Baal Scores.txt, 8: Bible Allusion.doc, 9: Bill Clinton Speech Essay.doc, 10: Billy Budd Critical Approaches.doc, 11: bio220labsupl_stud_revisedFall2007.doc, 12: Calc.doc, 13: Concerto Order Reference Number.doc, 14: cover letter.doc, 15: Crucible Discussion.doc, 16: Dear Dr.doc-germino.doc, 17: desktop.ini, 18: Early Republic Political Parties.doc, 19: Egosoft, 20: Engineering Vocab.doc, 21: English Argument Essays Assignment.doc, 22: English Free Response.doc, 23: FBLA officer speech.doc, 24: Final Works Cited.doc, 25: Flavie, 26: Henry Resume.doc, 27: Henry Wang 21.doc, 28: Hopkins Application.doc"
8472 11:02.8 Explorer.EXE 184 CreateFile C:\Documents and Settings\Henry.HEJIA\My Documents\Baal Scores.txt SUCCESS "Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
8473 11:02.8 Explorer.EXE 184 QueryCompressionInformationFile C:\Documents and Settings\Henry.HEJIA\My Documents\Baal Scores.txt SUCCESS
8474 11:02.8 Explorer.EXE 184 CloseFile C:\Documents and Settings\Henry.HEJIA\My Documents\Baal Scores.txt SUCCESS
8476 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: Memoir.doc, 1: Mod Readme, 2: MODEL.doc, 3: My Music, 4: My Pictures, 5: My PSP8 Files, 6: My Videos, 7: Nature Meditation.doc, 8: Newtons Second Law.doc, 9: NHS officer speech.doc, 10: Noticias Diarias.doc, 11: Outline.doc, 12: Precis 1.doc, 13: Precis 2.doc, 14: procmon.chm, 15: Procmon.exe, 16: Research Paper.doc, 17: Shooting an Elephant.doc, 18: Spanish Card.doc, 19: Spanish December.doc, 20: Spanish essay.doc, 21: Spanish February.doc, 22: Spanish January.doc, 23: Spanish.doc, 24: sparknotes format.doc, 25: Speech Analysis, 26: Speech.doc, 27: Thumbs.db, 28: Trade List.doc, 29: Tries to show that neither pure good or pure evil could exist.doc, 30: Type I Projectile.doc"
8477 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: Uniform Motion.doc, 1: US Questions Chp 21.doc, 2: US UNIT 1.doc, 3: US UNIT 2.doc, 4: US UNIT 3.doc, 5: US UNIT 4.doc, 6: US UNIT 5.doc, 7: US UNIT 6.doc, 8: US UNIT 7 1.doc, 9: US UNIT 7 2.doc, 10: US UNIT 7 3.doc, 11: US UNIT 7 4.doc, 12: US UNIT 7.doc, 13: US UNIT 8 1.doc, 14: US UNIT 8 2.doc, 15: US UNIT 9 1.doc, 16: What is An American Speech Analysis.doc, 17: What is an American Speech by Harold Ickes.doc, 18: Why didn.doc, 19: X3-Handbook-2.pdf, 20: ~$anish Card.doc, 21: ~$nry Resume.doc, 22: ~$ver letter.doc, 23: ~WRL0001.tmp, 24: ~WRL0002.tmp, 25: ~WRL0003.tmp, 26: ~WRL0004.tmp, 27: ~WRL0005.tmp, 28: ~WRL0006.tmp, 29: ~WRL0007.tmp, 30: ~WRL0008.tmp, 31: ~WRL0009.tmp"
8478 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL0010.tmp, 1: ~WRL0011.tmp, 2: ~WRL0014.tmp, 3: ~WRL0025.tmp, 4: ~WRL0026.tmp, 5: ~WRL0027.tmp, 6: ~WRL0031.tmp, 7: ~WRL0064.tmp, 8: ~WRL0082.tmp, 9: ~WRL0085.tmp, 10: ~WRL0098.tmp, 11: ~WRL0133.tmp, 12: ~WRL0159.tmp, 13: ~WRL0176.tmp, 14: ~WRL0208.tmp, 15: ~WRL0209.tmp, 16: ~WRL0224.tmp, 17: ~WRL0261.tmp, 18: ~WRL0272.tmp, 19: ~WRL0295.tmp, 20: ~WRL0345.tmp, 21: ~WRL0356.tmp, 22: ~WRL0368.tmp, 23: ~WRL0391.tmp, 24: ~WRL0413.tmp, 25: ~WRL0435.tmp, 26: ~WRL0436.tmp, 27: ~WRL0474.tmp, 28: ~WRL0491.tmp, 29: ~WRL0535.tmp, 30: ~WRL0580.tmp, 31: ~WRL0591.tmp, 32: ~WRL0606.tmp, 33: ~WRL0621.tmp"
8479 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL0651.tmp, 1: ~WRL0675.tmp, 2: ~WRL0681.tmp, 3: ~WRL0701.tmp, 4: ~WRL0707.tmp, 5: ~WRL0736.tmp, 6: ~WRL0737.tmp, 7: ~WRL0738.tmp, 8: ~WRL0743.tmp, 9: ~WRL0785.tmp, 10: ~WRL0822.tmp, 11: ~WRL0845.tmp, 12: ~WRL0858.tmp, 13: ~WRL0860.tmp, 14: ~WRL0873.tmp, 15: ~WRL0898.tmp, 16: ~WRL0948.tmp, 17: ~WRL0972.tmp, 18: ~WRL0987.tmp, 19: ~WRL1008.tmp, 20: ~WRL1026.tmp, 21: ~WRL1036.tmp, 22: ~WRL1061.tmp, 23: ~WRL1090.tmp, 24: ~WRL1119.tmp, 25: ~WRL1134.tmp, 26: ~WRL1208.tmp, 27: ~WRL1244.tmp, 28: ~WRL1245.tmp, 29: ~WRL1264.tmp, 30: ~WRL1301.tmp, 31: ~WRL1304.tmp, 32: ~WRL1322.tmp, 33: ~WRL1417.tmp"
8480 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL1425.tmp, 1: ~WRL1437.tmp, 2: ~WRL1458.tmp, 3: ~WRL1462.tmp, 4: ~WRL1496.tmp, 5: ~WRL1513.tmp, 6: ~WRL1534.tmp, 7: ~WRL1557.tmp, 8: ~WRL1579.tmp, 9: ~WRL1582.tmp, 10: ~WRL1583.tmp, 11: ~WRL1595.tmp, 12: ~WRL1630.tmp, 13: ~WRL1636.tmp, 14: ~WRL1641.tmp, 15: ~WRL1684.tmp, 16: ~WRL1685.tmp, 17: ~WRL1711.tmp, 18: ~WRL1724.tmp, 19: ~WRL1737.tmp, 20: ~WRL1757.tmp, 21: ~WRL1774.tmp, 22: ~WRL1788.tmp, 23: ~WRL1811.tmp, 24: ~WRL1821.tmp, 25: ~WRL1838.tmp, 26: ~WRL1856.tmp, 27: ~WRL1859.tmp, 28: ~WRL1885.tmp, 29: ~WRL1948.tmp, 30: ~WRL1958.tmp, 31: ~WRL1960.tmp, 32: ~WRL1979.tmp, 33: ~WRL1980.tmp"
8481 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL2003.tmp, 1: ~WRL2005.tmp, 2: ~WRL2055.tmp, 3: ~WRL2056.tmp, 4: ~WRL2095.tmp, 5: ~WRL2102.tmp, 6: ~WRL2103.tmp, 7: ~WRL2120.tmp, 8: ~WRL2169.tmp, 9: ~WRL2172.tmp, 10: ~WRL2174.tmp, 11: ~WRL2189.tmp, 12: ~WRL2237.tmp, 13: ~WRL2256.tmp, 14: ~WRL2260.tmp, 15: ~WRL2269.tmp, 16: ~WRL2270.tmp, 17: ~WRL2274.tmp, 18: ~WRL2366.tmp, 19: ~WRL2371.tmp, 20: ~WRL2372.tmp, 21: ~WRL2373.tmp, 22: ~WRL2415.tmp, 23: ~WRL2440.tmp, 24: ~WRL2470.tmp, 25: ~WRL2476.tmp, 26: ~WRL2484.tmp, 27: ~WRL2495.tmp, 28: ~WRL2507.tmp, 29: ~WRL2508.tmp, 30: ~WRL2545.tmp, 31: ~WRL2554.tmp, 32: ~WRL2574.tmp, 33: ~WRL2584.tmp"
8482 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL2614.tmp, 1: ~WRL2629.tmp, 2: ~WRL2641.tmp, 3: ~WRL2708.tmp, 4: ~WRL2730.tmp, 5: ~WRL2738.tmp, 6: ~WRL2785.tmp, 7: ~WRL2819.tmp, 8: ~WRL2834.tmp, 9: ~WRL2841.tmp, 10: ~WRL2864.tmp, 11: ~WRL2888.tmp, 12: ~WRL2910.tmp, 13: ~WRL2928.tmp, 14: ~WRL2983.tmp, 15: ~WRL3012.tmp, 16: ~WRL3031.tmp, 17: ~WRL3051.tmp, 18: ~WRL3055.tmp, 19: ~WRL3070.tmp, 20: ~WRL3101.tmp, 21: ~WRL3143.tmp, 22: ~WRL3159.tmp, 23: ~WRL3175.tmp, 24: ~WRL3191.tmp, 25: ~WRL3208.tmp, 26: ~WRL3212.tmp, 27: ~WRL3221.tmp, 28: ~WRL3259.tmp, 29: ~WRL3260.tmp, 30: ~WRL3277.tmp, 31: ~WRL3313.tmp, 32: ~WRL3370.tmp, 33: ~WRL3380.tmp"
8483 11:02.8 Explorer.EXE 184 QueryDirectory C:\Documents and Settings\Henry.HEJIA\My Documents SUCCESS "0: ~WRL3390.tmp, 1: ~WRL3392.tmp, 2: ~WRL3398.tmp, 3: ~WRL3409.tmp, 4: ~WRL3412.tmp, 5: ~WRL3416.tmp, 6: ~WRL3432.tmp, 7: ~WRL3454.tmp, 8: ~WRL3466.tmp, 9: ~WRL3491.tmp, 10: ~WRL3493.tmp, 11: ~WRL3541.tmp, 12: ~WRL3543.tmp, 13: ~WRL3566.tmp, 14: ~WRL3576.tmp, 15: ~WRL3585.tmp, 16: ~WRL3588.tmp, 17: ~WRL3596.tmp, 18: ~WRL3610.tmp, 19: ~WRL3620.tmp, 20: ~WRL3621.tmp, 21: ~WRL3629.tmp, 22: ~WRL3645.tmp, 23: ~WRL3666.tmp, 24: ~WRL3722.tmp, 25: ~WRL3735.tmp, 26: ~WRL3751.tmp, 27: ~WRL3812.tmp, 28: ~WRL3814.tmp, 29: ~WRL3819.tmp, 30: ~WRL3825.tmp, 31: ~WRL3835.tmp, 32: ~WRL3850.tmp, 33: ~WRL3872.tmp"

It goes on for quite a while too. So what do you guys make of this?

[Ramses II CP]

rotfl, that's great, really too much semi-personal information in there.

Did you hand delete NWNs instead of using the uninstaller? Still play some Freelancer? Is your name Henry? Do you own a Canon camera? Having a little trouble with your Spanish verb conjugation?

Okay, sorry about that, I'm no expert and I know that format is virtually unrecognizeable as real data if you aren't used to it, but you can safely edit out all those 'success' entries I believe. Are there more access failures than those first few related to NWNs? Seems like a rather innocent error to cause your system to blink and crash on you.

edit: Err, I should make it clear that if you want my post edited or deleted to remove any of that information I can do it or feel free to ask the forum admin to do so. Just trying to point out that you should go through those logs before throwing them up in public. Nothing nasty or damaging in your log that I saw, otherwise I'd've pm'd you.

[TevashSzat]

Ehh, I saw everything there I didn't really mind as there wasn't anything that personal there, but anyways stuff like that continually comes up forever seemingly while the my computer window is frozen

It may be of interest that most of those things ie NWN and Freelancer is uninstalled and has been for a few months or even a year or two so I don't know...

[Lemur]

I've got no problem with people voluntarily losing some of their anonymity. As long as we aren't giving out phone numbers and home addresses, I think we're okay.

What do you kids think, is it okay if people give out their IP? Or should I erase such references, to protect teh children?

[TevashSzat]

I've got no problem with people voluntarily losing some of their anonymity. As long as we aren't giving out phone numbers and home addresses, I think we're okay.

What do you kids think, is it okay if people give out their IP? Or should I erase such references, to protect teh children?

Well seeing as a great majority of people have dynamic ips, does that really matter alot?

[LeftEyeNine]

Well seeing as a great majority of people have dynamic ips..

We can't make sure.

Also we can't be sure of the awareness of the owner of the IP about what harm can be possible when his/her IP is given out.