API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 16th, 2016
98
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.75 KB | None | 0 0
raw download clone embed print report
  1. "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
  2. "2:54:23.4611003 PM","svchost.exe","432","CreateFile","G:","SUCCESS","Desired Access: Read Attributes, Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  3. "2:54:23.4611370 PM","svchost.exe","432","QueryInformationVolume","G:","SUCCESS","VolumeCreationTime: 0, VolumeSerialNumber: FFFF-FFFF, SupportsObjects: False, VolumeLabel: "
  4. "2:54:23.4611690 PM","svchost.exe","432","CloseFile","G:","SUCCESS",""
  5. "2:54:23.4612347 PM","svchost.exe","8","CreateFile","G:","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: NT AUTHORITY\SYSTEM, OpenResult: Opened"
  6. "2:54:23.4615979 PM","svchost.exe","8","QueryDeviceRelations","G:","SUCCESS",""
  7. "2:54:23.4617494 PM","svchost.exe","8","CreateFile","G:\","INVALID PARAMETER","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, Impersonating: NT AUTHORITY\SYSTEM"
  8. "2:54:23.4617939 PM","svchost.exe","8","CreateFile","G:","SUCCESS","Desired Access: Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, Impersonating: NT AUTHORITY\SYSTEM, OpenResult: Opened"
  9. "2:54:23.4618265 PM","svchost.exe","8","FileSystemControl","G:","NO MEDIA","Control: FSCTL_QUERY_FILE_SYSTEM_RECOGNITION"
  10. "2:54:23.4630363 PM","svchost.exe","8","CloseFile","G:","SUCCESS",""
  11. "2:54:23.4630827 PM","svchost.exe","8","CloseFile","G:","SUCCESS",""
  12. "2:54:23.7713204 PM","svchost.exe","432","CreateFile","G:","SUCCESS","Desired Access: Read Attributes, Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  13. "2:54:23.7713462 PM","Explorer.EXE","3560","CreateFile","G:","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  14. "2:54:23.7713764 PM","svchost.exe","432","QueryInformationVolume","G:","SUCCESS","VolumeCreationTime: 0, VolumeSerialNumber: FFFF-FFFF, SupportsObjects: False, VolumeLabel: "
  15. "2:54:23.7713841 PM","Explorer.EXE","3560","FileSystemControl","G:","INVALID PARAMETER","Control: FSCTL_IS_VOLUME_DIRTY"
  16. "2:54:23.7714025 PM","Explorer.EXE","3560","CloseFile","G:","SUCCESS",""
  17. "2:54:23.7714041 PM","svchost.exe","432","CloseFile","G:","SUCCESS",""
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!