TcpAdaptorService.exe - Daemon/Net start
=============================================
"21:05:42.9172890","TcpAdaptorService.exe","3752","Thread Create","","SUCCESS","Thread ID: 3852"
"21:05:42.9194021","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService0.exe","SUCCESS","Name: \Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService.exe"
"21:05:42.9196627","TcpAdaptorService.exe","3752","Load Image","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService.exe","SUCCESS","Image Base: 0x400000, Image Size: 0x14000"
"21:05:42.9198636","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\ntdll.dll","SUCCESS","Image Base: 0x7c940000, Image Size: 0x9c000"
"21:05:42.9198845","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService0.exe","SUCCESS","Name: \Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService.exe"
"21:05:42.9200837","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\Prefetch\TCPADAPTORSERVICE.EXE-2EED8274.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
"21:05:42.9203776","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TcpAdaptorService.exe","NAME NOT FOUND","Desired Access: Read"
"21:05:42.9206665","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9235074","TcpAdaptorService.exe","3752","FileSystemControl","C:\WINDOWS\system32","SUCCESS","Control: FSCTL_IS_VOLUME_MOUNTED"
"21:05:42.9239778","TcpAdaptorService.exe","3752","CreateFile","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService.exe.Local","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"21:05:42.9242658","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\KERNEL32.DLL","SUCCESS","Image Base: 0x7c800000, Image Size: 0x133000"
"21:05:42.9245737","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
"21:05:42.9246164","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:42.9246514","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
"21:05:42.9489167","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\ADVAPI32.DLL","SUCCESS","Image Base: 0x77d80000, Image Size: 0xa9000"
"21:05:42.9492293","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\RPCRT4.DLL","SUCCESS","Image Base: 0x77e30000, Image Size: 0x92000"
"21:05:42.9495095","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\SECUR32.DLL","SUCCESS","Image Base: 0x77fa0000, Image Size: 0x11000"
"21:05:42.9516838","TcpAdaptorService.exe","3752","CreateFile","C:\Documents and Settings\%USER%\%DESKTOP%\PSAPI.DLL","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"21:05:42.9521216","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9540760","TcpAdaptorService.exe","3752","QueryBasicInformationFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","CreationTime: 2008/08/20 12:00:00, LastAccessTime: 2013/01/31 0:00:00, LastWriteTime: 2008/08/20 12:00:00, ChangeTime: 1601/01/01 9:00:00, FileAttributes: A"
"21:05:42.9542470","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\psapi.dll","SUCCESS",""
"21:05:42.9544870","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9558441","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\system32\psapi.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"21:05:42.9559000","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\SYSTEM32\PSAPI.DLL","SUCCESS","SyncType: SyncTypeOther"
"21:05:42.9560981","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\psapi.dll","SUCCESS",""
"21:05:42.9563428","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\PSAPI.DLL","SUCCESS","Image Base: 0x76ba0000, Image Size: 0xb000"
"21:05:42.9611378","TcpAdaptorService.exe","3752","CreateFile","C:\Documents and Settings\%USER%\%DESKTOP%\WS2_32.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"21:05:42.9615544","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9636365","TcpAdaptorService.exe","3752","QueryBasicInformationFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","CreationTime: 2008/08/20 12:00:00, LastAccessTime: 2013/01/31 0:00:00, LastWriteTime: 2008/08/20 12:00:00, ChangeTime: 1601/01/01 9:00:00, FileAttributes: A"
"21:05:42.9637979","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS",""
"21:05:42.9657443","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9659186","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"21:05:42.9659711","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\SYSTEM32\WS2_32.DLL","SUCCESS","SyncType: SyncTypeOther"
"21:05:42.9661491","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS",""
"21:05:42.9685692","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\WS2_32.DLL","SUCCESS","Image Base: 0x719e0000, Image Size: 0x17000"
"21:05:42.9688659","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\MSVCRT.DLL","SUCCESS","Image Base: 0x77bc0000, Image Size: 0x58000"
"21:05:42.9692992","TcpAdaptorService.exe","3752","CreateFile","C:\Documents and Settings\%USER%\%DESKTOP%\WS2HELP.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"21:05:42.9711777","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:42.9713472","TcpAdaptorService.exe","3752","QueryBasicInformationFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","CreationTime: 2008/08/20 12:00:00, LastAccessTime: 2013/01/31 0:00:00, LastWriteTime: 2008/08/20 12:00:00, ChangeTime: 1601/01/01 9:00:00, FileAttributes: A"
"21:05:42.9715076","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS",""
"21:05:43.0051979","TcpAdaptorService.exe","3752","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"21:05:43.0053789","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\system32\ws2help.dll","SUCCESS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE"
"21:05:43.0054359","TcpAdaptorService.exe","3752","CreateFileMapping","C:\WINDOWS\SYSTEM32\WS2HELP.DLL","SUCCESS","SyncType: SyncTypeOther"
"21:05:43.0056158","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS",""
"21:05:43.0079625","TcpAdaptorService.exe","3752","Load Image","C:\WINDOWS\System32\WS2HELP.DLL","SUCCESS","Image Base: 0x719d0000, Image Size: 0x8000"
"21:05:43.0084176","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Secur32.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0107729","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RPCRT4.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0108039","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ADVAPI32.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0108338","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS","Desired Access: Read"
"21:05:43.0108718","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0108905","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0109171","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\Terminal Server","SUCCESS",""
"21:05:43.0109308","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SUCCESS","Desired Access: Read"
"21:05:43.0109606","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LeakTrack","NAME NOT FOUND","Length: 144"
"21:05:43.0109883","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SUCCESS",""
"21:05:43.0109981","TcpAdaptorService.exe","3752","RegOpenKey","HKLM","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0110190","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0110540","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSAPI.DLL","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0110743","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msvcrt.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0114696","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WS2HELP.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0114923","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WS2_32.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0115205","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ntdll.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0115398","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kernel32.dll","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0117800","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\ServiceCurrent","SUCCESS","Desired Access: Query Value"
"21:05:43.0118130","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\ServiceCurrent\(Default)","SUCCESS","Type: REG_DWORD, Length: 4, Data: 15"
"21:05:43.0118370","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\ServiceCurrent","SUCCESS",""
"21:05:43.0119717","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Rpc\PagedBuffers","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0119907","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Rpc","SUCCESS","Desired Access: Read"
"21:05:43.0120133","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize","NAME NOT FOUND","Length: 144"
"21:05:43.0120759","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\SOFTWARE\Microsoft\Rpc","SUCCESS",""
"21:05:43.0120910","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TcpAdaptorService.exe\RpcThreadPoolThrottle","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0121502","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\Software\Policies\Microsoft\Windows NT\Rpc","NAME NOT FOUND","Desired Access: Read"
"21:05:43.0121918","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value"
"21:05:43.0122220","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode","NAME NOT FOUND","Length: 16"
"21:05:43.0122485","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"21:05:43.0137646","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService0.exe","BUFFER OVERFLOW","Name: \D"
"21:05:43.0137901","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService0.exe","SUCCESS","Name: \Documents and Settings\%USER%\%DESKTOP%\TcpAdaptorService.exe"
"21:05:43.0139021","TcpAdaptorService.exe","3752","RegSetValue","HKLM\SOFTWARE\Microsoft\Cryptography\RNG\Seed","SUCCESS","Type: REG_BINARY, Length: 80, Data: 61 4E C6 74 C2 3E 6C 9F D1 7B 7B C4 F1 E0 92 2F"
"21:05:43.0147678","TcpAdaptorService.exe","3752","Thread Create","","SUCCESS","Thread ID: 3856"
"21:05:43.0175341","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName","SUCCESS","Desired Access: Read"
"21:05:43.0175701","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS","Desired Access: Read"
"21:05:43.0175922","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName","SUCCESS","Type: REG_SZ, Length: 32, Data: %USER%-1379CF37C25"
"21:05:43.0224574","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName","SUCCESS",""
"21:05:43.0226451","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Control\ComputerName","SUCCESS",""
"21:05:43.0248940","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0249325","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version","SUCCESS","Type: REG_SZ, Length: 8, Data: 2.0"
"21:05:43.0249499","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version","SUCCESS","Type: REG_SZ, Length: 8, Data: 2.0"
"21:05:43.0249758","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0250004","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Serial_Access_Num","SUCCESS","Type: REG_DWORD, Length: 4, Data: 9"
"21:05:43.0250328","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Serial_Access_Num","SUCCESS","Type: REG_DWORD, Length: 4, Data: 9"
"21:05:43.0250658","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\00000009","NAME NOT FOUND","Desired Access: Maximum Allowed"
"21:05:43.0250837","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Next_Catalog_Entry_ID","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1025"
"21:05:43.0250993","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Num_Catalog_Entries","SUCCESS","Type: REG_DWORD, Length: 4, Data: 14"
"21:05:43.0251147","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0251418","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001","SUCCESS","Desired Access: Read"
"21:05:43.0251678","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0251865","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0252032","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0252317","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001","SUCCESS",""
"21:05:43.0252471","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002","SUCCESS","Desired Access: Read"
"21:05:43.0252708","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0252887","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0253100","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0253376","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002","SUCCESS",""
"21:05:43.0253527","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003","SUCCESS","Desired Access: Read"
"21:05:43.0253764","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0253943","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0254111","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0254379","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003","SUCCESS",""
"21:05:43.0254527","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004","SUCCESS","Desired Access: Read"
"21:05:43.0254762","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0254938","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0255105","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0255371","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004","SUCCESS",""
"21:05:43.0255519","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005","SUCCESS","Desired Access: Read"
"21:05:43.0255762","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0255941","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0256108","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0256371","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005","SUCCESS",""
"21:05:43.0256519","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006","SUCCESS","Desired Access: Read"
"21:05:43.0256759","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0256935","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0257103","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0257371","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006","SUCCESS",""
"21:05:43.0257519","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007","SUCCESS","Desired Access: Read"
"21:05:43.0257757","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0257933","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0258142","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0258410","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007","SUCCESS",""
"21:05:43.0258558","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008","SUCCESS","Desired Access: Read"
"21:05:43.0258799","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0258975","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0259145","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0287392","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008","SUCCESS",""
"21:05:43.0287582","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009","SUCCESS","Desired Access: Read"
"21:05:43.0287875","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0288070","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0288244","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0288540","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009","SUCCESS",""
"21:05:43.0288693","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010","SUCCESS","Desired Access: Read"
"21:05:43.0288942","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0289126","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0289294","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0289565","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010","SUCCESS",""
"21:05:43.0289716","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011","SUCCESS","Desired Access: Read"
"21:05:43.0289967","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0290149","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0290364","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0290641","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011","SUCCESS",""
"21:05:43.0290791","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012","SUCCESS","Desired Access: Read"
"21:05:43.0291035","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0291211","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0291381","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0291655","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012","SUCCESS",""
"21:05:43.0291803","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013","SUCCESS","Desired Access: Read"
"21:05:43.0292046","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0292225","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0292392","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0292660","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013","SUCCESS",""
"21:05:43.0292808","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014","SUCCESS","Desired Access: Read"
"21:05:43.0293049","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0293225","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem","BUFFER OVERFLOW","Length: 144"
"21:05:43.0293392","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem","SUCCESS","Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73"
"21:05:43.0310269","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014","SUCCESS",""
"21:05:43.0310512","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries","SUCCESS",""
"21:05:43.0310744","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0311015","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Serial_Access_Num","SUCCESS","Type: REG_DWORD, Length: 4, Data: 4"
"21:05:43.0311294","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Serial_Access_Num","SUCCESS","Type: REG_DWORD, Length: 4, Data: 4"
"21:05:43.0311487","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\00000004","NAME NOT FOUND","Desired Access: Maximum Allowed"
"21:05:43.0311666","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Num_Catalog_Entries","SUCCESS","Type: REG_DWORD, Length: 4, Data: 3"
"21:05:43.0311819","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries","SUCCESS","Desired Access: Maximum Allowed"
"21:05:43.0312082","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001","SUCCESS","Desired Access: Read"
"21:05:43.0312322","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath","SUCCESS","Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll"
"21:05:43.0312507","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath","SUCCESS","Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll"
"21:05:43.0312713","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString","SUCCESS","Type: REG_SZ, Length: 12, Data: Tcpip"
"21:05:43.0312884","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString","SUCCESS","Type: REG_SZ, Length: 12, Data: Tcpip"
"21:05:43.0313060","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString","SUCCESS","Type: REG_SZ, Length: 12, Data: Tcpip"
"21:05:43.0313233","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString","SUCCESS","Type: REG_SZ, Length: 12, Data: Tcpip"
"21:05:43.0313406","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\ProviderId","SUCCESS","Type: REG_BINARY, Length: 16, Data: 40 9D 05 22 9E 7E CF 11 AE 5A 00 AA 00 A7 11 2B"
"21:05:43.0313579","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\AddressFamily","NAME NOT FOUND","Length: 144"
"21:05:43.0313755","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\SupportedNameSpace","SUCCESS","Type: REG_DWORD, Length: 4, Data: 12"
"21:05:43.0313931","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"21:05:43.0314099","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\Version","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0314269","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\StoresServiceClassInfo","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0314526","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001","SUCCESS",""
"21:05:43.0314739","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002","SUCCESS","Desired Access: Read"
"21:05:43.0314984","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\System32\winrnr.dll"
"21:05:43.0315155","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath","SUCCESS","Type: REG_SZ, Length: 66, Data: %SystemRoot%\System32\winrnr.dll"
"21:05:43.0315342","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString","SUCCESS","Type: REG_SZ, Length: 10, Data: NTDS"
"21:05:43.0315512","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString","SUCCESS","Type: REG_SZ, Length: 10, Data: NTDS"
"21:05:43.0315686","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString","SUCCESS","Type: REG_SZ, Length: 10, Data: NTDS"
"21:05:43.0315856","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString","SUCCESS","Type: REG_SZ, Length: 10, Data: NTDS"
"21:05:43.0316029","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\ProviderId","SUCCESS","Type: REG_BINARY, Length: 16, Data: EE 37 26 3B 80 E5 CF 11 A5 55 00 C0 4F D8 D4 AC"
"21:05:43.0316197","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\AddressFamily","NAME NOT FOUND","Length: 144"
"21:05:43.0316437","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\SupportedNameSpace","SUCCESS","Type: REG_DWORD, Length: 4, Data: 32"
"21:05:43.0316610","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"21:05:43.0316778","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\Version","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0316951","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\StoresServiceClassInfo","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0317200","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002","SUCCESS",""
"21:05:43.0317356","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003","SUCCESS","Desired Access: Read"
"21:05:43.0317597","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath","SUCCESS","Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll"
"21:05:43.0317767","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath","SUCCESS","Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll"
"21:05:43.0317954","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString","SUCCESS","Type: REG_SZ, Length: 86, Data: Network Location Awareness (NLA) Namespace"
"21:05:43.0318133","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString","SUCCESS","Type: REG_SZ, Length: 86, Data: Network Location Awareness (NLA) Namespace"
"21:05:43.0318309","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString","SUCCESS","Type: REG_SZ, Length: 86, Data: Network Location Awareness (NLA) Namespace"
"21:05:43.0318482","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString","SUCCESS","Type: REG_SZ, Length: 86, Data: Network Location Awareness (NLA) Namespace"
"21:05:43.0318669","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\ProviderId","SUCCESS","Type: REG_BINARY, Length: 16, Data: 3A 24 42 66 A8 3B A6 4A BA A5 2E 0B D7 1F DD 83"
"21:05:43.0318843","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\AddressFamily","NAME NOT FOUND","Length: 144"
"21:05:43.0319013","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\SupportedNameSpace","SUCCESS","Type: REG_DWORD, Length: 4, Data: 15"
"21:05:43.0319183","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"21:05:43.0319351","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\Version","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0319524","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\StoresServiceClassInfo","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"21:05:43.0319784","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003","SUCCESS",""
"21:05:43.0330584","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries","SUCCESS",""
"21:05:43.0330833","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters","SUCCESS",""
"21:05:43.0331006","TcpAdaptorService.exe","3752","RegOpenKey","HKLM\System\CurrentControlSet\Services\Winsock2\Parameters","SUCCESS","Desired Access: Query Value"
"21:05:43.0331352","TcpAdaptorService.exe","3752","RegQueryValue","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Ws2_32NumHandleBuckets","NAME NOT FOUND","Length: 144"
"21:05:43.0331584","TcpAdaptorService.exe","3752","RegCloseKey","HKLM\System\CurrentControlSet\Services\WinSock2\Parameters","SUCCESS",""
"21:07:41.6060212","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\WINDOWS\system32\net.exe","BUFFER OVERFLOW","Name: \W"
"21:07:41.6060441","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\WINDOWS\system32\net.exe","SUCCESS","Name: \WINDOWS\System32\NET.EXE"
"21:07:43.0896125","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\WINDOWS\system32\net1.exe","BUFFER OVERFLOW","Name: \W"
"21:07:43.0896366","TcpAdaptorService.exe","3752","QueryNameInformationFile","C:\WINDOWS\system32\net1.exe","SUCCESS","Name: \WINDOWS\System32\net1.exe"
"21:07:43.9572656","TcpAdaptorService.exe","3752","Thread Exit","","SUCCESS","Thread ID: 3852, User Time: 0.0000000, Kernel Time: 0.0312500"
"21:07:43.9573617","TcpAdaptorService.exe","3752","Thread Exit","","SUCCESS","Thread ID: 3856, User Time: 15.7968750, Kernel Time: 60.6718750"
"21:07:43.9576547","TcpAdaptorService.exe","3752","Process Exit","","SUCCESS","Exit Status: 1, User Time: 15.8125000 seconds, Kernel Time: 49.8906250 seconds, Private Bytes: 10,395,648, Peak Private Bytes: 10,403,840, Working Set: 1,363,968, Peak Working Set: 1,372,160"
"21:07:43.9577589","TcpAdaptorService.exe","3752","CloseFile","C:\WINDOWS\system32","SUCCESS",""