API tools faq
paste
Advertisement
Guest User

Conduit Search Protect

a guest
Oct 14th, 2014
716
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 338.53 KB | None | 0 0
raw download clone embed print report
  1. "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
  2. "12:56:24,8067318","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\Prefetch\SP-DOWNLOADER.EXE-293A46B0.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  3. "12:56:24,8085125","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  4. "12:56:24,8135098","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  5. "12:56:24,8145940","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  6. "12:56:24,8155190","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  7. "12:56:24,8196592","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  8. "12:56:24,8198276","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  9. "12:56:24,8204526","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  10. "12:56:24,8650063","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  11. "12:56:24,8742374","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  12. "12:56:24,8749492","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  13. "12:56:24,8771363","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  14. "12:56:24,8777347","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  15. "12:56:24,8781024","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  16. "12:56:24,8782429","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  17. "12:56:24,8846046","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  18. "12:56:24,8851474","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  19. "12:56:24,8869437","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  20. "12:56:24,8871736","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\COMCTL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  21. "12:56:24,8872714","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\COMCTL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  22. "12:56:24,8899589","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  23. "12:56:24,8910736","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  24. "12:56:24,8916549","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  25. "12:56:24,8954630","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  26. "12:56:24,8960234","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  27. "12:56:24,8983591","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\shfolder.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  28. "12:56:24,9023918","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\setupapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  29. "12:56:24,9141759","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  30. "12:56:24,9176753","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  31. "12:56:24,9179977","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  32. "12:56:24,9184407","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  33. "12:56:24,9190936","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  34. "12:56:24,9193685","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsb5C.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  35. "12:56:24,9201692","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsb5C.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  36. "12:56:24,9209327","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  37. "12:56:24,9534566","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsv5D.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  38. "12:56:24,9553052","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsv5D.tmp","SUCCESS","Desired Access: Generic Read/Write, Delete, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Delete On Close, Attributes: T, ShareMode: None, AllocationSize: 0, OpenResult: Overwritten"
  39. "12:56:24,9555494","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  40. "12:56:24,9634638","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  41. "12:56:24,9640152","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  42. "12:56:24,9643382","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  43. "12:56:24,9652296","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  44. "12:56:24,9653517","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  45. "12:56:24,9657392","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  46. "12:56:24,9659222","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  47. "12:56:24,9661527","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  48. "12:56:24,9668542","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  49. "12:56:24,9683049","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  50. "12:56:24,9691617","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  51. "12:56:24,9706831","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  52. "12:56:24,9784408","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  53. "12:56:24,9787459","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  54. "12:56:24,9802369","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  55. "12:56:24,9813448","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  56. "12:56:24,9825098","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  57. "12:56:24,9830160","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  58. "12:56:24,9848821","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  59. "12:56:24,9861390","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  60. "12:56:24,9866128","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  61. "12:56:24,9878741","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  62. "12:56:24,9892221","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  63. "12:56:24,9898043","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  64. "12:56:24,9909642","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  65. "12:56:24,9921135","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  66. "12:56:24,9926317","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  67. "12:56:24,9932771","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  68. "12:56:24,9933952","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  69. "12:56:24,9937450","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  70. "12:56:24,9939271","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  71. "12:56:24,9943378","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  72. "12:56:24,9945736","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  73. "12:56:24,9956232","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  74. "12:56:24,9967563","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  75. "12:56:24,9974823","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  76. "12:56:24,9979975","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  77. "12:56:25,0019857","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  78. "12:56:25,0220503","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  79. "12:56:25,0228065","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  80. "12:56:25,0238999","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  81. "12:56:25,0712442","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  82. "12:56:25,0713853","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  83. "12:56:25,0735758","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\MiniStubUtils.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  84. "12:56:25,0742577","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\winlogon.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  85. "12:56:25,0763815","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\xpsp2res.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  86. "12:56:25,0778174","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\clbcatq.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  87. "12:56:25,0786890","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\comres.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  88. "12:56:25,0938340","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\Registration\R000000000007.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  89. "12:56:25,0972238","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  90. "12:56:25,0984150","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  91. "12:56:25,1007955","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\wbemcomn.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  92. "12:56:25,1020032","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  93. "12:56:25,1044884","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  94. "12:56:25,1240029","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  95. "12:56:25,1259987","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  96. "12:56:25,1714338","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  97. "12:56:25,1724582","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  98. "12:56:25,1746375","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msvcp60.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  99. "12:56:25,1758746","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\ntdsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  100. "12:56:25,1769110","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dnsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  101. "12:56:25,1799388","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  102. "12:56:26,3718185","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  103. "12:56:26,3738436","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  104. "12:56:26,3843857","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  105. "12:56:26,4551696","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  106. "12:56:26,4595439","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  107. "12:56:26,4633709","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  108. "12:56:26,5584726","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  109. "12:56:26,5591900","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  110. "12:56:26,5605064","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  111. "12:56:26,5635588","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  112. "12:56:26,5641292","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  113. "12:56:26,5659331","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  114. "12:56:26,5673587","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  115. "12:56:26,5678479","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  116. "12:56:26,6359861","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  117. "12:56:26,6416413","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  118. "12:56:26,6476907","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  119. "12:56:26,6510788","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  120. "12:56:26,7230707","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  121. "12:56:26,7231483","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  122. "12:56:26,7402522","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  123. "12:56:26,7537997","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  124. "12:56:26,7538751","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  125. "12:56:26,7641647","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  126. "12:56:26,7702350","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  127. "12:56:26,7728345","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  128. "12:56:26,7769429","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  129. "12:56:26,7792775","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  130. "12:56:26,7800055","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  131. "12:56:26,7819164","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  132. "12:56:26,7928625","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  133. "12:56:26,7984643","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  134. "12:56:26,8004104","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  135. "12:56:26,8279921","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  136. "12:56:26,8290604","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  137. "12:56:26,8327354","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  138. "12:56:26,8328952","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  139. "12:56:26,8332131","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  140. "12:56:26,8344625","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  141. "12:56:26,8347910","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  142. "12:56:26,8359029","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  143. "12:56:26,8362376","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  144. "12:56:26,8365300","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  145. "12:56:26,8480608","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M93A9B8DC-0F68-4BAB-A69F-A46303E00299","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  146. "12:56:26,8481547","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  147. "12:56:26,8507936","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rasapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  148. "12:56:26,8516362","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rasman.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  149. "12:56:26,8524505","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  150. "12:56:26,8550053","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rtutils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  151. "12:56:26,8557864","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  152. "12:56:26,8595564","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  153. "12:56:26,8599459","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  154. "12:56:26,8602088","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  155. "12:56:26,8675426","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  156. "12:56:26,8693490","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msapsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  157. "12:56:26,8704385","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  158. "12:56:26,8740697","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  159. "12:56:26,8748316","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  160. "12:56:26,8755990","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  161. "12:56:26,8790461","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\digest.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  162. "12:56:26,8827454","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msnsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  163. "12:56:26,8839710","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  164. "12:56:26,9673570","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  165. "12:56:26,9682686","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  166. "12:56:26,9689064","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  167. "12:56:26,9696861","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\cryptdll.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  168. "12:56:26,9705270","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\iphlpapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  169. "12:56:26,9743221","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  170. "12:56:26,9744009","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  171. "12:56:26,9754480","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  172. "12:56:26,9755896","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  173. "12:56:26,9756631","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  174. "12:56:26,9767758","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  175. "12:56:26,9773806","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  176. "12:56:26,9784741","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  177. "12:56:26,9835454","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  178. "12:56:26,9837999","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  179. "12:56:26,9838753","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  180. "12:56:26,9901951","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  181. "12:56:26,9903359","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  182. "12:56:26,9909941","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  183. "12:56:26,9910709","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  184. "12:56:26,9936609","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  185. "12:56:26,9942079","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\sensapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  186. "12:56:26,9974173","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  187. "12:56:26,9995703","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  188. "12:56:27,0045807","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\rasadhlp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  189. "12:56:27,0785435","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\hnetcfg.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  190. "12:56:27,0804323","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  191. "12:56:27,0810849","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  192. "12:56:27,3057064","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  193. "12:56:27,3060928","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  194. "12:56:27,3064060","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M93A9B8DC-0F68-4BAB-A69F-A46303E00299","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  195. "12:56:27,3081274","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M93A9B8DC-0F68-4BAB-A69F-A46303E00299","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  196. "12:56:27,3099427","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  197. "12:56:27,3108269","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  198. "12:56:27,3113303","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  199. "12:56:27,3336158","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  200. "12:56:27,3361148","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  201. "12:56:27,3370601","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  202. "12:56:27,3379706","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  203. "12:56:27,3389808","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  204. "12:56:27,3394607","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  205. "12:56:27,3407877","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  206. "12:56:27,3414501","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  207. "12:56:27,3422304","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  208. "12:56:27,3430020","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.tmp","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  209. "12:56:27,3437534","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  210. "12:56:27,3465759","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  211. "12:56:27,3470745","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  212. "12:56:27,3480233","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  213. "12:56:27,3491698","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  214. "12:56:27,3497243","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  215. "12:56:27,3507105","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  216. "12:56:27,3517679","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  217. "12:56:27,3527786","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  218. "12:56:27,3533670","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  219. "12:56:27,3543478","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  220. "12:56:27,3558944","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  221. "12:56:27,3564204","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  222. "12:56:27,3574359","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  223. "12:56:27,3584584","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  224. "12:56:27,3590344","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  225. "12:56:27,3600888","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  226. "12:56:27,3612892","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  227. "12:56:27,3617664","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  228. "12:56:27,3627075","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  229. "12:56:27,3636842","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  230. "12:56:27,3647232","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nse60.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  231. "12:56:27,3661719","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  232. "12:56:27,3666985","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  233. "12:56:27,3682932","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  234. "12:56:27,3696324","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  235. "12:56:27,3752661","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  236. "12:56:27,3772016","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nse60.tmp","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  237. "12:56:27,3773214","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  238. "12:56:27,3786579","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  239. "12:56:27,3812848","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  240. "12:56:27,3902817","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  241. "12:56:27,3913634","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  242. "12:56:27,3919121","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  243. "12:56:27,3926711","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  244. "12:56:27,3935791","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  245. "12:56:27,3945216","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  246. "12:56:27,3951276","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  247. "12:56:27,3979866","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  248. "12:56:27,3987442","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  249. "12:56:27,3994427","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  250. "12:56:27,4011610","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\wintrust.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  251. "12:56:27,4073881","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  252. "12:56:27,4709752","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  253. "12:56:27,4714043","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  254. "12:56:27,4720513","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  255. "12:56:27,4737334","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  256. "12:56:27,4965852","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  257. "12:56:27,4986008","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  258. "12:56:27,5600547","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  259. "12:56:27,5716986","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  260. "12:56:27,5730061","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  261. "12:56:27,7830727","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  262. "12:56:27,7835244","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  263. "12:56:27,7837907","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  264. "12:56:27,7841167","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  265. "12:56:27,7842804","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  266. "12:56:27,7848154","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  267. "12:56:27,7852361","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  268. "12:56:27,7863882","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  269. "12:56:27,7870782","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  270. "12:56:27,7876470","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  271. "12:56:27,8129349","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  272. "12:56:27,8134657","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  273. "12:56:27,8141937","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  274. "12:56:27,8148281","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  275. "12:56:27,8224014","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\cryptnet.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  276. "12:56:27,8506978","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  277. "12:56:27,8517879","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\winhttp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  278. "12:56:27,8650130","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  279. "12:56:27,8665713","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  280. "12:56:27,8667216","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  281. "12:56:27,8673792","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  282. "12:56:27,8678541","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  283. "12:56:27,8681586","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  284. "12:56:27,8685084","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  285. "12:56:27,8690861","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  286. "12:56:28,1825279","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  287. "12:56:28,2090729","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  288. "12:56:28,2106326","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  289. "12:56:28,2116330","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  290. "12:56:28,2128480","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  291. "12:56:28,2131427","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  292. "12:56:28,2155176","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  293. "12:56:28,2930777","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  294. "12:56:28,2931222","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  295. "12:56:28,2996146","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  296. "12:56:28,2996629","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  297. "12:56:28,3225516","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  298. "12:56:28,3240976","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  299. "12:56:28,3253782","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  300. "12:56:28,3274111","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  301. "12:56:28,3289798","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  302. "12:56:28,3349490","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  303. "12:56:28,3393861","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  304. "12:56:28,3652685","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  305. "12:56:28,6723452","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  306. "12:56:28,6811474","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  307. "12:56:28,6868362","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  308. "12:56:28,6911537","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  309. "12:56:28,7015878","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  310. "12:56:28,7103065","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  311. "12:56:28,7127244","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  312. "12:56:28,7219616","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  313. "12:56:28,7240588","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  314. "12:56:28,7326272","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  315. "12:56:28,7326705","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  316. "12:56:28,8254948","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  317. "12:56:28,8289889","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  318. "12:56:28,8305553","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  319. "12:56:28,8314202","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  320. "12:56:28,8324561","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  321. "12:56:28,8328595","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  322. "12:56:28,8350810","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  323. "12:56:28,8365485","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  324. "12:56:29,3154918","sp-downloader.exe","2892","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  325. "12:56:29,3189274","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  326. "12:56:29,3217101","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  327. "12:56:29,3294103","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  328. "12:56:29,3341475","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  329. "12:56:29,3394501","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  330. "12:56:29,3420831","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  331. "12:56:29,4489800","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  332. "12:56:29,4517744","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  333. "12:56:29,4535979","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  334. "12:56:29,4540485","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  335. "12:56:29,6249308","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ONMNSLY5\downloadstub[1]","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: NCI, ShareMode: Read, Write, Delete, AllocationSize: 0, OpenResult: Created"
  336. "12:56:29,7668472","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  337. "12:56:29,7771300","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  338. "12:56:29,7785869","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  339. "12:56:29,7790931","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  340. "12:56:29,7805000","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nse60.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  341. "12:56:29,8152187","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  342. "12:56:29,8157288","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  343. "12:56:29,8164465","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  344. "12:56:29,8176140","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  345. "12:56:29,8194276","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  346. "12:56:29,8199919","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  347. "12:56:29,8208448","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nse60.tmp","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  348. "12:56:29,8214982","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nse60.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  349. "12:56:29,8226624","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  350. "12:56:29,8231714","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  351. "12:56:29,8233250","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  352. "12:56:29,8238013","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  353. "12:56:29,8241891","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  354. "12:56:29,8247830","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  355. "12:56:29,8277907","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  356. "12:56:29,8291556","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  357. "12:56:29,8329483","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  358. "12:56:29,8342895","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  359. "12:56:29,8343840","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  360. "12:56:29,8692825","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\2NCFWP2F\spstub[1].exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: NCI, ShareMode: Read, Write, Delete, AllocationSize: 0, OpenResult: Created"
  361. "12:56:29,9685407","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  362. "12:56:29,9690706","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  363. "12:56:29,9695456","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  364. "12:56:29,9702753","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  365. "12:56:29,9709712","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  366. "12:56:29,9714388","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  367. "12:56:29,9720886","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  368. "12:56:29,9727356","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsf5E.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  369. "12:56:29,9736880","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  370. "12:56:29,9776985","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  371. "12:56:29,9808244","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  372. "12:56:29,9823528","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  373. "12:56:29,9832677","sp-downloader.exe","2892","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  374. "12:56:29,9834672","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  375. "12:56:29,9839530","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  376. "12:56:29,9842374","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  377. "12:56:29,9847612","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  378. "12:56:29,9851825","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  379. "12:56:29,9857244","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  380. "12:56:30,0098895","sp-downloader.exe","2892","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  381. "12:56:30,0102912","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  382. "12:56:30,0106396","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  383. "12:56:30,0109980","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  384. "12:56:30,0114199","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  385. "12:56:30,0131757","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  386. "12:56:30,0143320","sp-downloader.exe","2892","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsa5F.exe.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  387. "12:57:21,0415279","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\Prefetch\CLTMNGSVC.EXE-10E315A1.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  388. "12:57:21,0462452","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  389. "12:57:21,0527405","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\wtsapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  390. "12:57:21,0875424","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\winsta.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  391. "12:57:21,0908858","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  392. "12:57:21,1340992","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  393. "12:57:21,2313970","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  394. "12:57:21,2349251","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  395. "12:57:21,3120480","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\dbghelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  396. "12:57:21,4298077","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  397. "12:57:21,4329100","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  398. "12:57:21,4366946","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  399. "12:57:21,4505184","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  400. "12:57:21,4519306","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  401. "12:57:21,4547069","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  402. "12:57:21,5090359","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  403. "12:57:21,5465999","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  404. "12:57:21,5473265","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  405. "12:57:21,5570691","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  406. "12:57:21,5971253","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  407. "12:57:21,5974041","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  408. "12:57:21,6239446","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  409. "12:57:21,6325647","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  410. "12:57:21,6337811","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  411. "12:57:21,6365644","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  412. "12:57:21,6372961","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  413. "12:57:21,6646347","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  414. "12:57:21,6651742","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  415. "12:57:21,6664676","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  416. "12:57:21,6707143","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  417. "12:57:21,6708699","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  418. "12:57:21,7262820","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  419. "12:57:21,7328705","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  420. "12:57:21,7329498","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  421. "12:57:21,7405324","CltMngSvc.exe","2844","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  422. "12:57:21,8207518","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  423. "12:57:21,8373304","CltMngSvc.exe","2844","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  424. "12:57:21,8448565","CltMngSvc.exe","2844","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  425. "12:57:21,8521418","CltMngSvc.exe","2844","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  426. "12:57:21,8564734","CltMngSvc.exe","2844","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  427. "12:57:21,8569609","CltMngSvc.exe","2844","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  428. "12:57:21,9398868","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\Prefetch\CLTMNGSVC.EXE-10E315A1.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  429. "12:57:21,9401737","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  430. "12:57:22,0111620","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\wtsapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  431. "12:57:22,0131220","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winsta.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  432. "12:57:22,0145736","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  433. "12:57:22,0359660","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  434. "12:57:22,0557129","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  435. "12:57:22,0783152","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  436. "12:57:22,0797724","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\dbghelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  437. "12:57:22,0817824","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  438. "12:57:22,0840244","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  439. "12:57:22,1094153","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  440. "12:57:22,1179884","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  441. "12:57:22,1190768","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  442. "12:57:22,1216294","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  443. "12:57:22,1221038","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  444. "12:57:22,1251086","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  445. "12:57:22,1298025","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  446. "12:57:22,1299246","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  447. "12:57:22,2065665","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  448. "12:57:22,2225339","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  449. "12:57:22,2230674","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  450. "12:57:22,2242564","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  451. "12:57:22,2453152","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  452. "12:57:22,2459148","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  453. "12:57:22,2460776","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  454. "12:57:22,2536699","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  455. "12:57:22,2678715","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  456. "12:57:22,2679564","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  457. "12:57:22,2710900","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  458. "12:57:22,2711699","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  459. "12:57:22,2799032","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  460. "12:57:22,3285434","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  461. "12:57:22,3286264","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  462. "12:57:22,3482764","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  463. "12:57:22,3512186","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  464. "12:57:22,3533016","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  465. "12:57:22,3545107","CltMngSvc.exe","3096","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  466. "12:57:22,3550638","CltMngSvc.exe","3096","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  467. "12:57:22,3554957","CltMngSvc.exe","3096","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  468. "12:57:22,3558569","CltMngSvc.exe","3096","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  469. "12:57:22,3685636","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winhttp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  470. "12:57:22,3770191","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  471. "12:57:22,3783305","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  472. "12:57:22,4130050","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  473. "12:57:22,4179003","CltMngSvc.exe","3096","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  474. "12:57:22,4185353","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  475. "12:57:22,4189658","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  476. "12:57:22,4218704","CltMngSvc.exe","3096","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  477. "12:57:22,4236270","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  478. "12:57:22,4237421","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  479. "12:57:22,4246956","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  480. "12:57:22,4253297","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  481. "12:57:22,4349759","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  482. "12:57:22,4354288","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  483. "12:57:22,4361761","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  484. "12:57:22,4364328","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  485. "12:57:22,4369396","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Cookies","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  486. "12:57:22,4370276","CltMngSvc.exe","3096","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  487. "12:57:22,4372114","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Cookies\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  488. "12:57:22,4373209","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  489. "12:57:22,4376319","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  490. "12:57:22,4379199","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  491. "12:57:22,4382015","CltMngSvc.exe","3096","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  492. "12:57:22,4383638","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf\History.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  493. "12:57:22,4385669","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  494. "12:57:22,4387951","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  495. "12:57:22,4468797","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  496. "12:57:22,4469316","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  497. "12:57:22,4505684","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msapsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  498. "12:57:22,4515331","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  499. "12:57:22,4566323","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  500. "12:57:22,4573388","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  501. "12:57:22,4652446","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  502. "12:57:22,5351892","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\digest.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  503. "12:57:22,5630956","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msnsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  504. "12:57:22,5678322","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  505. "12:57:22,5827863","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  506. "12:57:22,5843217","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  507. "12:57:22,5865379","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\cryptdll.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  508. "12:57:22,5888142","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\iphlpapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  509. "12:57:22,6526977","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\rasapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  510. "12:57:22,6591382","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\rasman.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  511. "12:57:22,6610429","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  512. "12:57:22,6689909","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\rtutils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  513. "12:57:22,7204583","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  514. "12:57:22,7303020","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  515. "12:57:22,7322606","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  516. "12:57:22,7323405","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  517. "12:57:22,7411590","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  518. "12:57:22,7672835","CltMngSvc.exe","3096","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  519. "12:57:22,7674556","CltMngSvc.exe","3096","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  520. "12:57:22,7691595","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  521. "12:57:22,7693606","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  522. "12:57:22,8611396","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  523. "12:57:22,8612161","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  524. "12:57:22,8637776","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  525. "12:57:22,8639377","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  526. "12:57:22,8655206","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  527. "12:57:22,8657477","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  528. "12:57:22,8789377","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  529. "12:57:22,8994785","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  530. "12:57:22,8995934","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  531. "12:57:22,9262828","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  532. "12:57:22,9830976","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\cltmng.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  533. "12:57:22,9844181","CltMngSvc.exe","3096","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  534. "12:57:22,9861904","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  535. "12:57:22,9879672","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  536. "12:57:22,9947795","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  537. "12:57:22,9979888","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  538. "12:57:23,0306734","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  539. "12:57:23,0312369","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\apphelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  540. "12:57:23,0499144","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  541. "12:57:23,0508469","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  542. "12:57:23,0511710","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  543. "12:57:23,0516060","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\sensapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  544. "12:57:23,0519493","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  545. "12:57:23,0535973","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  546. "12:57:23,0610631","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  547. "12:57:23,0629365","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  548. "12:57:23,0661821","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  549. "12:57:23,0679986","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  550. "12:57:23,0814265","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  551. "12:57:23,0816020","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  552. "12:57:23,0825610","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  553. "12:57:23,0956401","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  554. "12:57:23,0965801","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  555. "12:57:23,0971886","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  556. "12:57:23,1295676","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\rasadhlp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  557. "12:57:23,1336578","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\cltmng.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  558. "12:57:23,1380399","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\cltmng.exe.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  559. "12:57:23,1405514","cltmng.exe","3172","CreateFile","C:\WINDOWS\Prefetch\CLTMNG.EXE-25B2980C.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  560. "12:57:23,1409215","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  561. "12:57:23,1411570","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\dnsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  562. "12:57:23,1569931","CltMngSvc.exe","3096","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  563. "12:57:23,1584260","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  564. "12:57:23,1610556","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  565. "12:57:23,1627047","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  566. "12:57:23,1648170","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  567. "12:57:23,1671763","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  568. "12:57:23,1687681","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dbghelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  569. "12:57:23,1705010","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  570. "12:57:23,1713483","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  571. "12:57:23,1737173","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  572. "12:57:23,2581568","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  573. "12:57:23,3114485","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winrnr.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  574. "12:57:23,3501319","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winrnr.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  575. "12:57:23,3548216","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  576. "12:57:23,3567322","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  577. "12:57:23,3584514","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin\cltmngui.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  578. "12:57:23,3588098","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  579. "12:57:23,3594370","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  580. "12:57:23,3595965","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  581. "12:57:23,3606123","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  582. "12:57:23,3613959","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  583. "12:57:23,3644245","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  584. "12:57:23,3694975","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  585. "12:57:23,3707016","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  586. "12:57:23,3731382","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  587. "12:57:23,3885916","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  588. "12:57:23,3994887","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  589. "12:57:23,4016348","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  590. "12:57:23,4018033","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  591. "12:57:23,4032781","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  592. "12:57:23,4061010","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  593. "12:57:23,4083689","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  594. "12:57:23,4092643","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  595. "12:57:23,4093403","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  596. "12:57:23,4420947","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  597. "12:57:23,4423297","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  598. "12:57:23,4610396","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  599. "12:57:23,5196272","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  600. "12:57:23,5594306","cltmng.exe","3172","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  601. "12:57:23,5795817","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  602. "12:57:23,5799494","cltmng.exe","3172","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  603. "12:57:23,5940869","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  604. "12:57:23,5944057","cltmng.exe","3172","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  605. "12:57:23,6018061","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  606. "12:57:23,6020318","cltmng.exe","3172","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  607. "12:57:23,6254876","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin\cltmngui.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  608. "12:57:23,6613519","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\UI\bin\cltmngui.exe.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  609. "12:57:23,6722519","cltmngui.exe","3244","CreateFile","C:\WINDOWS\Prefetch\CLTMNGUI.EXE-3A6234BB.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  610. "12:57:23,6725427","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  611. "12:57:23,6963773","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  612. "12:57:23,6971953","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IJWXA5UP\wpad[1].mpeg","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  613. "12:57:23,7094164","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  614. "12:57:23,7163522","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  615. "12:57:23,7180890","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IJWXA5UP\wpad[1].mpeg","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  616. "12:57:23,7182703","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\jsproxy.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  617. "12:57:23,7214718","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  618. "12:57:23,7227237","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\jsproxy.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  619. "12:57:23,7229706","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  620. "12:57:23,7531739","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  621. "12:57:23,7534580","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  622. "12:57:23,7669315","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dbghelp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  623. "12:57:23,7672207","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Temporary Internet Files\Content.IE5\IJWXA5UP\wpad[1].mpeg","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  624. "12:57:23,7750910","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  625. "12:57:23,7800321","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  626. "12:57:23,7807886","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  627. "12:57:23,8191801","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  628. "12:57:23,8192572","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  629. "12:57:23,8223813","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  630. "12:57:23,8241385","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  631. "12:57:23,8259754","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\clbcatq.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  632. "12:57:23,8264835","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  633. "12:57:23,8545485","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\comres.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  634. "12:57:23,8551701","cltmngui.exe","3244","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  635. "12:57:23,8629683","cltmngui.exe","3244","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  636. "12:57:23,9220742","cltmngui.exe","3244","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  637. "12:57:23,9222672","cltmngui.exe","3244","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  638. "12:57:23,9294474","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\Registration\R000000000007.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  639. "12:57:23,9612244","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  640. "12:57:23,9616705","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  641. "12:57:23,9632976","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\jscript.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  642. "12:57:23,9647530","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  643. "12:57:23,9730862","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\jscript.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  644. "12:57:23,9737732","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  645. "12:57:23,9738595","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  646. "12:57:23,9753066","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  647. "12:57:23,9812758","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  648. "12:57:24,0058714","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  649. "12:57:24,0068291","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  650. "12:57:24,0080535","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  651. "12:57:24,0229336","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  652. "12:57:24,0311827","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  653. "12:57:24,0312665","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  654. "12:57:24,0845188","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  655. "12:57:24,0846001","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  656. "12:57:24,0918731","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\winlogon.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  657. "12:57:24,0935429","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  658. "12:57:24,1012226","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\xpsp2res.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  659. "12:57:24,1303492","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  660. "12:57:24,1304395","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  661. "12:57:24,1680001","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  662. "12:57:24,1690785","CltMngSvc.exe","3096","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  663. "12:57:24,1702638","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  664. "12:57:24,1895420","CltMngSvc.exe","3096","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  665. "12:57:24,1906854","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  666. "12:57:24,1916126","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  667. "12:57:24,1948203","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  668. "12:57:24,2053350","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  669. "12:57:24,2077367","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  670. "12:57:24,2174720","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\hnetcfg.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  671. "12:57:24,2302745","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  672. "12:57:24,2316775","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  673. "12:57:24,2326100","CltMngSvc.exe","3096","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  674. "12:57:24,2328846","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  675. "12:57:24,2779887","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  676. "12:57:24,2806262","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  677. "12:57:24,2889350","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  678. "12:57:24,2910082","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  679. "12:57:24,2923712","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\winhttp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  680. "12:57:24,2927512","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  681. "12:57:24,2941259","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  682. "12:57:24,3022348","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  683. "12:57:24,3032855","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  684. "12:57:24,3317103","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\winhttp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  685. "12:57:24,3331957","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  686. "12:57:24,3404067","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\winlogon.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  687. "12:57:24,3446402","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\xpsp2res.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  688. "12:57:24,3448919","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  689. "12:57:24,3724300","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  690. "12:57:24,3820958","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  691. "12:57:24,3824019","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep\UIRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  692. "12:57:24,3824600","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  693. "12:57:24,3865008","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  694. "12:57:24,3888209","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  695. "12:57:24,3899317","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  696. "12:57:24,4019421","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  697. "12:57:24,4025101","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  698. "12:57:24,4035708","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  699. "12:57:24,4045539","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  700. "12:57:24,4115501","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  701. "12:57:24,4117892","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  702. "12:57:24,4122610","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  703. "12:57:24,4125706","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  704. "12:57:24,4130176","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  705. "12:57:24,4137107","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  706. "12:57:24,4146289","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  707. "12:57:24,4149865","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  708. "12:57:24,4286768","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  709. "12:57:24,4308235","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\clbcatq.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  710. "12:57:24,4316317","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\comres.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  711. "12:57:24,4402381","cltmng.exe","3172","CreateFile","C:\WINDOWS\Registration\R000000000007.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  712. "12:57:24,4422207","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  713. "12:57:24,4429865","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  714. "12:57:24,4441034","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\wbemcomn.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  715. "12:57:24,4811298","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  716. "12:57:24,4818755","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  717. "12:57:24,5469092","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  718. "12:57:24,5481470","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  719. "12:57:24,5482434","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  720. "12:57:24,5482884","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  721. "12:57:24,5801586","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  722. "12:57:24,5831593","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  723. "12:57:24,6011543","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wintrust.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  724. "12:57:24,6255027","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  725. "12:57:24,6341348","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  726. "12:57:24,6355430","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  727. "12:57:24,6367538","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  728. "12:57:24,6387638","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  729. "12:57:24,6451605","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  730. "12:57:24,6784630","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  731. "12:57:24,6797339","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  732. "12:57:24,6848359","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msvcp60.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  733. "12:57:24,6927914","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\ntdsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  734. "12:57:24,6945399","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dnsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  735. "12:57:24,7012570","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  736. "12:57:24,7116371","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  737. "12:57:24,7140508","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  738. "12:57:24,7145310","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  739. "12:57:24,7940749","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  740. "12:57:24,7948625","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  741. "12:57:24,7953329","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  742. "12:57:24,7999494","cltmng.exe","3172","CreateFile","C:\Programme\SearchProtect\SearchProtect\bin\SPVC32Loader.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  743. "12:57:24,9187103","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox","PATH NOT FOUND","Desired Access: Read Data/List Directory, Read Attributes, Synchronize, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  744. "12:57:24,9199566","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data","SUCCESS","Desired Access: Read Data/List Directory, Read Attributes, Synchronize, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  745. "12:57:24,9241040","CltMngSvc.exe","3096","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  746. "12:57:24,9245418","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  747. "12:57:24,9246231","CltMngSvc.exe","3096","CreateFile","C:\Programme\SearchProtect\Main\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  748. "12:57:24,9261286","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  749. "12:57:24,9273611","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  750. "12:57:24,9274067","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  751. "12:57:24,9284322","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  752. "12:57:24,9289482","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep\UIRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  753. "12:57:24,9290102","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  754. "12:57:24,9384271","cltmngui.exe","3244","CreateFile","C:\Programme\SearchProtect\Main\rep\SystemRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  755. "12:57:24,9404488","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  756. "12:57:24,9414104","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  757. "12:57:24,9475380","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  758. "12:57:24,9481571","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  759. "12:57:24,9493273","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  760. "12:57:24,9499000","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  761. "12:57:24,9506437","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  762. "12:57:24,9508873","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  763. "12:57:24,9515156","cltmngui.exe","3244","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  764. "12:57:24,9517899","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  765. "12:57:24,9520581","cltmngui.exe","3244","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  766. "12:57:24,9523347","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  767. "12:57:24,9527999","cltmngui.exe","3244","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  768. "12:57:24,9530435","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  769. "12:57:24,9609386","cltmngui.exe","3244","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  770. "12:57:24,9870671","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  771. "12:57:24,9964060","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  772. "12:57:24,9993628","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  773. "12:57:25,0034535","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  774. "12:57:25,0045246","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  775. "12:57:25,0060195","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  776. "12:57:25,0093084","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  777. "12:57:25,0104971","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  778. "12:57:25,0111335","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  779. "12:57:25,0116956","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  780. "12:57:25,0119359","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  781. "12:57:25,0122722","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rasapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  782. "12:57:25,0125996","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  783. "12:57:25,0135403","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rasman.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  784. "12:57:25,0138716","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  785. "12:57:25,0190627","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  786. "12:57:25,0222229","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rtutils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  787. "12:57:25,0239206","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  788. "12:57:25,0351137","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  789. "12:57:25,0352966","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  790. "12:57:25,0353830","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  791. "12:57:25,0443978","cltmng.exe","3172","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  792. "12:57:25,1028631","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msapsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  793. "12:57:25,1061783","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  794. "12:57:25,1064336","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  795. "12:57:25,1082459","cltmng.exe","3172","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  796. "12:57:25,1087186","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  797. "12:57:25,1093670","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  798. "12:57:25,7517268","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  799. "12:57:25,7669774","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\digest.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  800. "12:57:25,7670123","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  801. "12:57:25,7713578","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msnsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  802. "12:57:25,7715648","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  803. "12:57:25,7923890","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  804. "12:57:25,7924736","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  805. "12:57:25,7936187","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  806. "12:57:25,7948382","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  807. "12:57:25,7955567","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  808. "12:57:25,8029752","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  809. "12:57:25,8031630","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  810. "12:57:25,8050967","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\cryptdll.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  811. "12:57:25,8055040","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  812. "12:57:25,8073263","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\iphlpapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  813. "12:57:25,8105541","cltmng.exe","3172","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  814. "12:57:25,8347653","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  815. "12:57:25,8352458","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  816. "12:57:25,8357881","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  817. "12:57:25,8395841","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  818. "12:57:25,8430923","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  819. "12:57:25,8623934","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  820. "12:57:25,8728590","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  821. "12:57:25,8734582","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\sensapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  822. "12:57:25,8917301","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rasapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  823. "12:57:25,8931289","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rasman.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  824. "12:57:25,9315561","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  825. "12:57:25,9350848","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  826. "12:57:25,9452159","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rtutils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  827. "12:57:25,9497553","cltmng.exe","3172","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  828. "12:57:25,9498819","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  829. "12:57:25,9507298","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  830. "12:57:25,9521090","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  831. "12:57:25,9527789","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  832. "12:57:25,9528638","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  833. "12:57:25,9626944","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  834. "12:57:25,9729373","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  835. "12:57:25,9730019","cltmngui.exe","3244","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  836. "12:57:25,9747549","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  837. "12:57:25,9769350","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  838. "12:57:25,9772382","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msapsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  839. "12:57:25,9777944","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  840. "12:57:25,9834498","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  841. "12:57:25,9841502","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  842. "12:57:25,9878627","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  843. "12:57:25,9892844","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  844. "12:57:25,9897506","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  845. "12:57:26,0667864","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  846. "12:57:26,0684916","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  847. "12:57:26,0698846","cltmngui.exe","3244","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  848. "12:57:26,0714211","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  849. "12:57:26,0715278","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\digest.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  850. "12:57:26,0734755","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msnsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  851. "12:57:26,0739773","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  852. "12:57:26,0741731","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  853. "12:57:26,1058989","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  854. "12:57:26,1062392","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  855. "12:57:26,1072617","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  856. "12:57:26,1088412","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  857. "12:57:26,1104864","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  858. "12:57:26,1375409","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  859. "12:57:26,1680130","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  860. "12:57:26,1682703","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  861. "12:57:26,1700886","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\cryptdll.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  862. "12:57:26,1707225","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  863. "12:57:26,1716391","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\iphlpapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  864. "12:57:26,1794077","cltmngui.exe","3244","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  865. "12:57:26,1802285","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  866. "12:57:26,1807632","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  867. "12:57:26,2079563","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  868. "12:57:26,2095442","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  869. "12:57:26,2099135","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  870. "12:57:26,2345658","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  871. "12:57:26,2598137","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  872. "12:57:26,2604823","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\sensapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  873. "12:57:26,2627683","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  874. "12:57:26,2661874","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  875. "12:57:26,2683263","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  876. "12:57:26,2695002","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  877. "12:57:26,2832321","cltmngui.exe","3244","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  878. "12:57:26,2837383","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\rasadhlp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  879. "12:57:26,2866375","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  880. "12:57:26,2876078","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  881. "12:57:26,2882246","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  882. "12:57:26,2894116","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  883. "12:57:26,3031667","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  884. "12:57:26,3047932","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  885. "12:57:26,3059160","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  886. "12:57:26,3105300","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  887. "12:57:26,3120589","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  888. "12:57:26,3373708","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\wintrust.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  889. "12:57:26,3491843","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  890. "12:57:26,3533047","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  891. "12:57:26,3543931","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  892. "12:57:26,3738657","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rasadhlp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  893. "12:57:26,4082150","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dnsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  894. "12:57:26,4091679","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\hnetcfg.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  895. "12:57:26,4161895","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  896. "12:57:26,4169457","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  897. "12:57:26,4582093","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  898. "12:57:26,4592977","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  899. "12:57:26,4601945","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  900. "12:57:26,4608974","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\hnetcfg.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  901. "12:57:26,4618506","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  902. "12:57:26,4623967","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  903. "12:57:26,4677762","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  904. "12:57:26,4903198","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  905. "12:57:26,4905688","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  906. "12:57:26,4908378","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  907. "12:57:26,4911563","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  908. "12:57:26,5154867","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  909. "12:57:26,5162407","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  910. "12:57:26,5624491","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  911. "12:57:26,5635540","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  912. "12:57:26,5693690","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  913. "12:57:26,5845947","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  914. "12:57:26,5860619","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  915. "12:57:26,5900870","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  916. "12:57:26,5975114","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  917. "12:57:26,5996977","cltmng.exe","3172","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  918. "12:57:26,7007242","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  919. "12:57:26,7042680","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  920. "12:57:26,7180714","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  921. "12:57:26,7194079","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  922. "12:57:26,7611777","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  923. "12:57:26,9575077","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Local State","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  924. "12:57:26,9707957","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  925. "12:57:26,9750795","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  926. "12:57:26,9761863","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  927. "12:57:26,9775957","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  928. "12:57:26,9818787","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  929. "12:57:26,9843161","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  930. "12:57:26,9847184","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  931. "12:57:26,9858300","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  932. "12:57:26,9891570","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default","SUCCESS","Desired Access: Read Data/List Directory, Read Attributes, Synchronize, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  933. "12:57:27,0078345","cltmngui.exe","3244","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  934. "12:57:27,0081912","cltmng.exe","3172","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  935. "12:57:27,0093822","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  936. "12:57:27,0096710","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  937. "12:57:27,0098244","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  938. "12:57:27,0099334","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  939. "12:57:27,0100270","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  940. "12:57:27,0102192","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  941. "12:57:27,0102929","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  942. "12:57:27,0104505","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  943. "12:57:27,0104871","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  944. "12:57:27,0105913","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  945. "12:57:27,0106312","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  946. "12:57:27,0110983","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  947. "12:57:27,0113137","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  948. "12:57:27,0184213","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  949. "12:57:27,0185982","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  950. "12:57:27,0188932","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  951. "12:57:27,0193561","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  952. "12:57:27,0196042","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  953. "12:57:27,0980773","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  954. "12:57:27,0981949","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  955. "12:57:27,0985611","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  956. "12:57:27,0994163","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  957. "12:57:27,1009938","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  958. "12:57:27,1014598","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  959. "12:57:27,1016464","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  960. "12:57:27,1020680","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  961. "12:57:27,1047968","cltmngui.exe","3244","CreateFile","C:\WINDOWS\system32\xpsp2res.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  962. "12:57:27,1307032","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  963. "12:57:27,1308350","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep\UIRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  964. "12:57:27,1309032","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  965. "12:57:27,1316611","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  966. "12:57:27,1319567","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep\UIRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  967. "12:57:27,1320240","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  968. "12:57:27,1638012","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  969. "12:57:27,1746719","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  970. "12:57:27,2129642","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  971. "12:57:27,2136475","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  972. "12:57:27,2143373","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  973. "12:57:27,2144775","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  974. "12:57:27,2145222","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  975. "12:57:27,2349600","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  976. "12:57:27,2352651","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  977. "12:57:27,3151590","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  978. "12:57:27,3156124","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  979. "12:57:28,3370263","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  980. "12:57:28,3385106","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  981. "12:57:28,3458400","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  982. "12:57:28,3467555","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  983. "12:57:28,4554503","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  984. "12:57:28,4556939","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  985. "12:57:28,4567994","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  986. "12:57:28,4570597","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  987. "12:57:28,4572388","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  988. "12:57:28,4572835","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  989. "12:57:28,4782840","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  990. "12:57:28,4783901","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserSettings.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  991. "12:57:28,4784393","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  992. "12:57:28,4795277","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  993. "12:57:28,4796378","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  994. "12:57:28,4796864","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  995. "12:57:28,5014199","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  996. "12:57:28,5022272","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  997. "12:57:28,5022739","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  998. "12:57:28,5069435","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  999. "12:57:28,5072463","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1000. "12:57:28,5073659","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1001. "12:57:28,5103484","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1002. "12:57:28,5111750","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1003. "12:57:28,5126562","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1004. "12:57:28,5173487","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1005. "12:57:28,5316595","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1006. "12:57:28,5317595","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1007. "12:57:28,5318234","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1008. "12:57:28,5332733","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Local State","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1009. "12:57:28,5363338","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1010. "12:57:28,5365713","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1011. "12:57:28,5366154","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1012. "12:57:28,5452335","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1013. "12:57:28,5453293","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1014. "12:57:28,5453727","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1015. "12:57:28,5466155","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1016. "12:57:28,5467066","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1017. "12:57:28,5467491","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1018. "12:57:28,5480632","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1019. "12:57:28,5481540","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1020. "12:57:28,5481962","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1021. "12:57:28,5493245","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1022. "12:57:28,5494760","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1023. "12:57:28,5495184","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1024. "12:57:28,5502998","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1025. "12:57:28,5507177","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1026. "12:57:28,5510966","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1027. "12:57:28,5514595","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1028. "12:57:28,5622390","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Local State","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1029. "12:57:28,5657537","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1030. "12:57:28,5680043","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1031. "12:57:28,5700498","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1032. "12:57:28,5705669","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1033. "12:57:28,5709985","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1034. "12:57:28,5726367","cltmng.exe","3172","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1035. "12:57:28,5731600","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1036. "12:57:28,5807794","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1037. "12:57:28,6060667","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1038. "12:57:28,6094084","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1039. "12:57:28,6105661","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1040. "12:57:28,6115841","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1041. "12:57:28,6132994","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1042. "12:57:28,6141420","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1043. "12:57:28,6154936","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1044. "12:57:28,6170955","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1045. "12:57:28,6224017","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1046. "12:57:28,6225012","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1047. "12:57:28,6226646","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1048. "12:57:28,6245084","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1049. "12:57:28,6250694","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1050. "12:57:28,6369332","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1051. "12:57:28,6383750","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1052. "12:57:28,6385012","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1053. "12:57:28,6386739","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1054. "12:57:28,6470532","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1055. "12:57:28,6475052","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Local State","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1056. "12:57:28,6476259","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1057. "12:57:28,6476703","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1058. "12:57:28,6518175","cltmng.exe","3172","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1059. "12:57:28,6522767","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Local State","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1060. "12:57:28,6523628","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep\UserRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1061. "12:57:28,6526329","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1062. "12:57:28,6550154","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\SearchProtect\STG","SUCCESS","Desired Access: Read Data/List Directory, Read Attributes, Synchronize, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1063. "12:57:28,8180489","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1064. "12:57:28,8187778","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1065. "12:57:28,8205741","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1066. "12:57:28,8500812","cltmngui.exe","3244","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Free Space Query, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1067. "12:57:28,8503826","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep\UIRepository.dat","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten"
  1068. "12:57:28,8505427","cltmngui.exe","3244","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\SearchProtect\UI\rep","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1069. "12:57:29,0184998","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1070. "12:57:29,0207319","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Secure Preferences","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1071. "12:57:29,0355336","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Web Data","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1072. "12:57:29,0383965","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Web Data-journal","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1073. "12:57:29,0416039","cltmng.exe","3172","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Web Data-journal","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!