API tools faq
paste
Advertisement
Guest User

MQn 448

a guest
Dec 5th, 2013
259
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 30.94 KB | None | 0 0
raw download clone embed print report
  1. 9:05:49.0636002 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm SUCCESS Desired Access: Read
  2. 9:05:49.0636463 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\TelemetryClient\SampleStore\sqm\SampledOut NAME NOT FOUND Length: 20
  3. 9:05:49.0636835 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\TelemetryClient\SampleStore\sqm SUCCESS
  4. 9:05:49.0638402 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore\sqm\windows\winsqm8\13238528 NAME NOT FOUND Desired Access: Read
  5. 9:05:49.0639220 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm\windows\winsqm8\13238528 NAME NOT FOUND Desired Access: Read
  6. 9:05:49.0639408 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore\sqm\windows\winsqm8 NAME NOT FOUND Desired Access: Read
  7. 9:05:49.0639561 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore\sqm\windows NAME NOT FOUND Desired Access: Read
  8. 9:05:49.0639703 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore\sqm NAME NOT FOUND Desired Access: Read
  9. 9:05:49.0639965 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore NAME NOT FOUND Desired Access: Read
  10. 9:05:49.0640130 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Policies\Microsoft\SQMClient\Windows NAME NOT FOUND Desired Access: Read
  11. 9:05:49.0640483 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\SQMClient\Windows SUCCESS Desired Access: Read
  12. 9:05:49.0640936 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\SQMClient\Windows\StudyId NAME NOT FOUND Length: 20
  13. 9:05:49.0641086 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\SQMClient\Windows SUCCESS
  14. 9:05:49.0641216 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm\windows\winsqm8 NAME NOT FOUND Desired Access: Read
  15. 9:05:49.0641543 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm\windows NAME NOT FOUND Desired Access: Read
  16. 9:05:49.0641815 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm SUCCESS Desired Access: Read
  17. 9:05:49.0641988 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\TelemetryClient\SampleStore\sqm\SampledOut NAME NOT FOUND Length: 20
  18. 9:05:49.0642292 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\TelemetryClient\SampleStore\sqm SUCCESS
  19. 9:05:49.0642453 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\ThrottleStore\sqm\windows\winsqm8\13238784 NAME NOT FOUND Desired Access: Read
  20. 9:05:49.0642733 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\TelemetryClient\SampleStore\sqm\windows\winsqm8\13238784 NAME NOT FOUND Desired Access: Read
  21. 9:05:49.0672558 PM mqnplay.exe 924 CreateFile C:\Windows\Registration\R000000000006.clb SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
  22. 9:05:49.0673380 PM mqnplay.exe 924 QueryStandardInformationFile C:\Windows\Registration\R000000000006.clb SUCCESS AllocationSize: 28,672, EndOfFile: 27,044, NumberOfLinks: 1, DeletePending: False, Directory: False
  23. 9:05:49.0673691 PM mqnplay.exe 924 CreateFileMapping C:\Windows\Registration\R000000000006.clb FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  24. 9:05:49.0673864 PM mqnplay.exe 924 QueryStandardInformationFile C:\Windows\Registration\R000000000006.clb SUCCESS AllocationSize: 28,672, EndOfFile: 27,044, NumberOfLinks: 1, DeletePending: False, Directory: False
  25. 9:05:49.0674359 PM mqnplay.exe 924 CreateFileMapping C:\Windows\Registration\R000000000006.clb SUCCESS SyncType: SyncTypeOther
  26. 9:05:49.0695947 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: Name
  27. 9:05:49.0697741 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: HandleTags, HandleTags: 0x0
  28. 9:05:49.0697906 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: HandleTags, HandleTags: 0x0
  29. 9:05:49.0698113 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} NAME NOT FOUND Desired Access: Read
  30. 9:05:49.0698374 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Desired Access: Read
  31. 9:05:49.0699092 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  32. 9:05:49.0699254 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  33. 9:05:49.0699688 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\TreatAs NAME NOT FOUND Desired Access: Query Value
  34. 9:05:49.0699845 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  35. 9:05:49.0699983 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\TreatAs NAME NOT FOUND Desired Access: Query Value
  36. 9:05:49.0700110 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  37. 9:05:49.0700275 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  38. 9:05:49.0700402 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  39. 9:05:49.0700575 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} NAME NOT FOUND Desired Access: Maximum Allowed
  40. 9:05:49.0700717 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\(Default) SUCCESS Type: REG_SZ, Length: 50, Data: MMDeviceEnumerator class
  41. 9:05:49.0700886 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  42. 9:05:49.0701012 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  43. 9:05:49.0701174 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} NAME NOT FOUND Desired Access: Maximum Allowed
  44. 9:05:49.0701304 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\(Default) SUCCESS Type: REG_SZ, Length: 50, Data: MMDeviceEnumerator class
  45. 9:05:49.0701531 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  46. 9:05:49.0701665 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  47. 9:05:49.0701842 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Read
  48. 9:05:49.0701984 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  49. 9:05:49.0702114 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Desired Access: Read
  50. 9:05:49.0702460 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: Name
  51. 9:05:49.0702610 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: HandleTags, HandleTags: 0x0
  52. 9:05:49.0702783 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Maximum Allowed
  53. 9:05:49.0702948 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32\InprocServer32 NAME NOT FOUND Length: 144
  54. 9:05:49.0703086 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: Name
  55. 9:05:49.0703220 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: HandleTags, HandleTags: 0x0
  56. 9:05:49.0703385 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Maximum Allowed
  57. 9:05:49.0703528 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32\(Default) SUCCESS Type: REG_EXPAND_SZ, Length: 70, Data: %SystemRoot%\System32\MMDevApi.dll
  58. 9:05:49.0703677 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: Name
  59. 9:05:49.0703816 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: HandleTags, HandleTags: 0x0
  60. 9:05:49.0704146 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Maximum Allowed
  61. 9:05:49.0704303 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32\(Default) SUCCESS Type: REG_EXPAND_SZ, Length: 70, Data: %SystemRoot%\System32\MMDevApi.dll
  62. 9:05:49.0704630 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: Name
  63. 9:05:49.0704772 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: HandleTags, HandleTags: 0x0
  64. 9:05:49.0704941 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Maximum Allowed
  65. 9:05:49.0705087 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32\(Default) SUCCESS Type: REG_EXPAND_SZ, Length: 70, Data: %SystemRoot%\System32\MMDevApi.dll
  66. 9:05:49.0705236 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: Name
  67. 9:05:49.0705371 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS Query: HandleTags, HandleTags: 0x0
  68. 9:05:49.0705540 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 NAME NOT FOUND Desired Access: Maximum Allowed
  69. 9:05:49.0705693 PM mqnplay.exe 924 RegQueryValue HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32\ThreadingModel SUCCESS Type: REG_SZ, Length: 10, Data: both
  70. 9:05:49.0705985 PM mqnplay.exe 924 RegCloseKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 SUCCESS
  71. 9:05:49.0706116 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  72. 9:05:49.0706254 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  73. 9:05:49.0706419 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocHandler32 NAME NOT FOUND Desired Access: Query Value
  74. 9:05:49.0706722 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  75. 9:05:49.0706872 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocHandler32 NAME NOT FOUND Desired Access: Query Value
  76. 9:05:49.0707095 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  77. 9:05:49.0707344 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  78. 9:05:49.0707513 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocHandler NAME NOT FOUND Desired Access: Query Value
  79. 9:05:49.0707663 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  80. 9:05:49.0707794 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocHandler NAME NOT FOUND Desired Access: Query Value
  81. 9:05:49.0708116 PM mqnplay.exe 924 RegCloseKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS
  82. 9:05:49.0708842 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  83. 9:05:49.0709076 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\OLE SUCCESS Desired Access: Read
  84. 9:05:49.0709430 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\OLE\MaxSxSHashCount NAME NOT FOUND Length: 144
  85. 9:05:49.0709576 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\OLE SUCCESS
  86. 9:05:49.0712091 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
  87. 9:05:49.0712551 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: Name
  88. 9:05:49.0712767 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: HandleTags, HandleTags: 0x0
  89. 9:05:49.0712909 PM mqnplay.exe 924 RegQueryKey HKCU\Software\Classes SUCCESS Query: HandleTags, HandleTags: 0x0
  90. 9:05:49.0713074 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} NAME NOT FOUND Desired Access: Read
  91. 9:05:49.0713385 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Desired Access: Read
  92. 9:05:49.0713623 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: Name
  93. 9:05:49.0713796 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  94. 9:05:49.0714087 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\TreatAs NAME NOT FOUND Desired Access: Read
  95. 9:05:49.0714264 PM mqnplay.exe 924 RegQueryKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS Query: HandleTags, HandleTags: 0x0
  96. 9:05:49.0714425 PM mqnplay.exe 924 RegOpenKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\TreatAs NAME NOT FOUND Desired Access: Read
  97. 9:05:49.0714594 PM mqnplay.exe 924 RegCloseKey HKCR\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E} SUCCESS
  98. 9:05:49.0722835 PM mqnplay.exe 924 CreateFile C:\Windows\System32\MMDevAPI.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
  99. 9:05:49.0724532 PM mqnplay.exe 924 QueryBasicInformationFile C:\Windows\System32\MMDevAPI.dll SUCCESS CreationTime: 8/22/2013 10:44:56 AM, LastAccessTime: 8/22/2013 10:44:56 AM, LastWriteTime: 8/22/2013 1:32:46 PM, ChangeTime: 12/5/2013 6:16:13 AM, FileAttributes: A
  100. 9:05:49.0724763 PM mqnplay.exe 924 CloseFile C:\Windows\System32\MMDevAPI.dll SUCCESS
  101. 9:05:49.0735284 PM mqnplay.exe 924 CreateFile C:\Windows\System32\MMDevAPI.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
  102. 9:05:49.0737381 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\MMDevAPI.dll FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  103. 9:05:49.0737784 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\MMDevAPI.dll SUCCESS SyncType: SyncTypeOther
  104. 9:05:49.0746132 PM mqnplay.exe 924 Load Image C:\Windows\System32\MMDevAPI.dll SUCCESS Image Base: 0x7ffba8e90000, Image Size: 0x61000
  105. 9:05:49.0747073 PM mqnplay.exe 924 CloseFile C:\Windows\System32\MMDevAPI.dll SUCCESS
  106. 9:05:49.0758789 PM mqnplay.exe 924 CreateFile C:\Windows\System32\devobj.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
  107. 9:05:49.0760136 PM mqnplay.exe 924 QueryBasicInformationFile C:\Windows\System32\devobj.dll SUCCESS CreationTime: 8/22/2013 10:59:52 AM, LastAccessTime: 8/22/2013 10:59:52 AM, LastWriteTime: 8/22/2013 1:45:59 PM, ChangeTime: 12/5/2013 6:15:59 AM, FileAttributes: A
  108. 9:05:49.0760455 PM mqnplay.exe 924 CloseFile C:\Windows\System32\devobj.dll SUCCESS
  109. 9:05:49.0762625 PM mqnplay.exe 924 CreateFile C:\Windows\System32\devobj.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
  110. 9:05:49.0763327 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\devobj.dll FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  111. 9:05:49.0763719 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\devobj.dll SUCCESS SyncType: SyncTypeOther
  112. 9:05:49.0765800 PM mqnplay.exe 924 Load Image C:\Windows\System32\devobj.dll SUCCESS Image Base: 0x7ffbaaac0000, Image Size: 0x26000
  113. 9:05:49.0766058 PM mqnplay.exe 924 CloseFile C:\Windows\System32\devobj.dll SUCCESS
  114. 9:05:49.0771760 PM mqnplay.exe 924 CreateFile C:\Windows\System32\cfgmgr32.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
  115. 9:05:49.0772275 PM mqnplay.exe 924 QueryBasicInformationFile C:\Windows\System32\cfgmgr32.dll SUCCESS CreationTime: 8/22/2013 11:04:50 AM, LastAccessTime: 8/22/2013 11:04:50 AM, LastWriteTime: 8/22/2013 1:45:59 PM, ChangeTime: 12/5/2013 6:21:23 AM, FileAttributes: A
  116. 9:05:49.0772478 PM mqnplay.exe 924 CloseFile C:\Windows\System32\cfgmgr32.dll SUCCESS
  117. 9:05:49.0775796 PM mqnplay.exe 924 CreateFile C:\Windows\System32\cfgmgr32.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
  118. 9:05:49.0776514 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\cfgmgr32.dll FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  119. 9:05:49.0776894 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\cfgmgr32.dll SUCCESS SyncType: SyncTypeOther
  120. 9:05:49.0778591 PM mqnplay.exe 924 Load Image C:\Windows\System32\cfgmgr32.dll SUCCESS Image Base: 0x7ffbabf50000, Image Size: 0x4a000
  121. 9:05:49.0778841 PM mqnplay.exe 924 CloseFile C:\Windows\System32\cfgmgr32.dll SUCCESS
  122. 9:05:49.0792603 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  123. 9:05:49.0792972 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\Rpc SUCCESS Desired Access: Read
  124. 9:05:49.0793567 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize NAME NOT FOUND Length: 144
  125. 9:05:49.0793805 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Rpc SUCCESS
  126. 9:05:49.0795491 PM mqnplay.exe 924 RegOpenKey HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName REPARSE Desired Access: Read
  127. 9:05:49.0795798 PM mqnplay.exe 924 RegOpenKey HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName SUCCESS Desired Access: Read
  128. 9:05:49.0796209 PM mqnplay.exe 924 RegQueryValue HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName SUCCESS Type: REG_SZ, Length: 32, Data: WIN-O7H4Q7L5HMR
  129. 9:05:49.0796413 PM mqnplay.exe 924 RegCloseKey HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName SUCCESS
  130. 9:05:49.0796678 PM mqnplay.exe 924 RegOpenKey HKLM\System\Setup SUCCESS Desired Access: Read
  131. 9:05:49.0796889 PM mqnplay.exe 924 RegQueryValue HKLM\SYSTEM\Setup\OOBEInProgress SUCCESS Type: REG_DWORD, Length: 4, Data: 0
  132. 9:05:49.0797062 PM mqnplay.exe 924 RegCloseKey HKLM\SYSTEM\Setup SUCCESS
  133. 9:05:49.0797234 PM mqnplay.exe 924 RegOpenKey HKLM\System\Setup SUCCESS Desired Access: Read
  134. 9:05:49.0797419 PM mqnplay.exe 924 RegQueryValue HKLM\SYSTEM\Setup\SystemSetupInProgress SUCCESS Type: REG_DWORD, Length: 4, Data: 0
  135. 9:05:49.0797584 PM mqnplay.exe 924 RegCloseKey HKLM\SYSTEM\Setup SUCCESS
  136. 9:05:49.0799596 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  137. 9:05:49.0799815 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Policies\Microsoft\Windows NT\Rpc NAME NOT FOUND Desired Access: Read
  138. 9:05:49.0800210 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Policies\Microsoft\SQMClient\Windows NAME NOT FOUND Desired Access: Read
  139. 9:05:49.0800425 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\SQMClient\Windows SUCCESS Desired Access: Read
  140. 9:05:49.0800663 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable NAME NOT FOUND Length: 20
  141. 9:05:49.0801090 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\SQMClient\Windows SUCCESS
  142. 9:05:49.0801973 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  143. 9:05:49.0802157 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\Rpc SUCCESS Desired Access: Query Value
  144. 9:05:49.0802372 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Rpc\IdleTimerWindow NAME NOT FOUND Length: 144
  145. 9:05:49.0802549 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Rpc SUCCESS
  146. 9:05:49.0817244 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  147. 9:05:49.0817479 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\ SUCCESS Desired Access: Read
  148. 9:05:49.0818181 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  149. 9:05:49.0818400 PM mqnplay.exe 924 RegEnumKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render SUCCESS Index: 0, Name: {726c744f-7dbe-4670-abed-4a086e5e43e9}
  150. 9:05:49.0818542 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  151. 9:05:49.0818673 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS Desired Access: Read
  152. 9:05:49.0818850 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  153. 9:05:49.0819137 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Protocol NAME NOT FOUND Length: 144
  154. 9:05:49.0819656 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  155. 9:05:49.0819786 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties SUCCESS Desired Access: Read
  156. 9:05:49.0820040 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  157. 9:05:49.0820220 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties\{83da6326-97a6-4088-9453-a1923f573b29},6 NAME NOT FOUND Length: 144
  158. 9:05:49.0820393 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  159. 9:05:49.0820516 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS Desired Access: Read
  160. 9:05:49.0820735 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  161. 9:05:49.0820842 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\DeviceState SUCCESS Type: REG_DWORD, Length: 4, Data: 1
  162. 9:05:49.0820977 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS
  163. 9:05:49.0821096 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS
  164. 9:05:49.0821196 PM mqnplay.exe 924 RegEnumKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render NO MORE ENTRIES Index: 1, Length: 288
  165. 9:05:49.0821307 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render SUCCESS
  166. 9:05:49.0821453 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties\{f3e80bef-1723-4ff2-bcc4-7f83dc5e46d4},3 NAME NOT FOUND Length: 144
  167. 9:05:49.0821599 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  168. 9:05:49.0821722 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS Desired Access: Read
  169. 9:05:49.0821872 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  170. 9:05:49.0821971 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Role:0 NAME NOT FOUND Length: 144
  171. 9:05:49.0822079 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS
  172. 9:05:49.0822221 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties\{5a9125b7-f367-4924-ace2-0803a4a3a471},0 SUCCESS Type: REG_DWORD, Length: 4, Data: 1610712932
  173. 9:05:49.0822448 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties\{5a9125b7-f367-4924-ace2-0803a4a3a471},0 SUCCESS Type: REG_DWORD, Length: 4, Data: 1610712932
  174. 9:05:49.0826284 PM mqnplay.exe 924 CreateFile C:\mqn\AUDIOSES.DLL NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
  175. 9:05:49.0831518 PM mqnplay.exe 924 CreateFile C:\Windows\System32\AudioSes.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
  176. 9:05:49.0832001 PM mqnplay.exe 924 QueryBasicInformationFile C:\Windows\System32\AudioSes.dll SUCCESS CreationTime: 8/22/2013 10:36:48 AM, LastAccessTime: 8/22/2013 10:36:48 AM, LastWriteTime: 8/22/2013 1:32:40 PM, ChangeTime: 12/5/2013 6:15:49 AM, FileAttributes: A
  177. 9:05:49.0832163 PM mqnplay.exe 924 CloseFile C:\Windows\System32\AudioSes.dll SUCCESS
  178. 9:05:49.0834555 PM mqnplay.exe 924 CreateFile C:\Windows\System32\AudioSes.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
  179. 9:05:49.0835154 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\AudioSes.dll FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  180. 9:05:49.0835703 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\AudioSes.dll SUCCESS SyncType: SyncTypeOther
  181. 9:05:49.0838115 PM mqnplay.exe 924 Load Image C:\Windows\System32\AudioSes.dll SUCCESS Image Base: 0x7ffb9e750000, Image Size: 0x76000
  182. 9:05:49.0838326 PM mqnplay.exe 924 CloseFile C:\Windows\System32\AudioSes.dll SUCCESS
  183. 9:05:49.0846897 PM mqnplay.exe 924 Load Image C:\Windows\System32\oleaut32.dll SUCCESS Image Base: 0x7ffbac3d0000, Image Size: 0xb7000
  184. 9:05:49.0853256 PM mqnplay.exe 924 CreateFile C:\Windows\System32\powrprof.dll SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
  185. 9:05:49.0853843 PM mqnplay.exe 924 QueryBasicInformationFile C:\Windows\System32\powrprof.dll SUCCESS CreationTime: 8/22/2013 11:02:23 AM, LastAccessTime: 8/22/2013 11:02:23 AM, LastWriteTime: 8/22/2013 1:45:59 PM, ChangeTime: 12/5/2013 6:22:03 AM, FileAttributes: A
  186. 9:05:49.0854373 PM mqnplay.exe 924 CloseFile C:\Windows\System32\powrprof.dll SUCCESS
  187. 9:05:49.0855802 PM mqnplay.exe 924 CreateFile C:\Windows\System32\powrprof.dll SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
  188. 9:05:49.0856466 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\powrprof.dll FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection:
  189. 9:05:49.0856773 PM mqnplay.exe 924 CreateFileMapping C:\Windows\System32\powrprof.dll SUCCESS SyncType: SyncTypeOther
  190. 9:05:49.0858524 PM mqnplay.exe 924 Load Image C:\Windows\System32\powrprof.dll SUCCESS Image Base: 0x7ffbab7d0000, Image Size: 0x45000
  191. 9:05:49.0858820 PM mqnplay.exe 924 CloseFile C:\Windows\System32\powrprof.dll SUCCESS
  192. 9:05:49.0868700 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  193. 9:05:49.0869011 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\OLEAUT NAME NOT FOUND Desired Access: Query Value
  194. 9:05:49.0871338 PM mqnplay.exe 924 RegOpenKey HKLM\Software\Microsoft\Rpc\Extensions SUCCESS Desired Access: Read
  195. 9:05:49.0871553 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Rpc\Extensions\NdrOleExtDLL SUCCESS Type: REG_EXPAND_SZ, Length: 24, Data: combase.dll
  196. 9:05:49.0871695 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Rpc\Extensions SUCCESS
  197. 9:05:49.0873654 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\Properties\{b3f8fa53-0004-438e-9003-51a46e139bfc},22 NAME NOT FOUND Length: 144
  198. 9:05:49.0874137 PM mqnplay.exe 924 RegQueryKey HKLM SUCCESS Query: HandleTags, HandleTags: 0x0
  199. 9:05:49.0874272 PM mqnplay.exe 924 RegOpenKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS Desired Access: Read
  200. 9:05:49.0874656 PM mqnplay.exe 924 RegSetInfoKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
  201. 9:05:49.0874790 PM mqnplay.exe 924 RegQueryValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9}\DeviceState SUCCESS Type: REG_DWORD, Length: 4, Data: 1
  202. 9:05:49.0874925 PM mqnplay.exe 924 RegCloseKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\MMDevices\Audio\Render\{726c744f-7dbe-4670-abed-4a086e5e43e9} SUCCESS
  203. 9:05:49.0875689 PM mqnplay.exe 924 RegOpenKey HKCU SUCCESS Desired Access: Maximum Allowed, Granted Access: All Access
  204. 9:05:49.0875881 PM mqnplay.exe 924 RegQueryKey HKCU SUCCESS Query: HandleTags, HandleTags: 0x0
  205. 9:05:49.0876004 PM mqnplay.exe 924 RegOpenKey HKCU\Software\Microsoft\Multimedia\Audio SUCCESS Desired Access: Query Value
  206. 9:05:49.0876295 PM mqnplay.exe 924 RegQueryValue HKCU\Software\Microsoft\Multimedia\Audio\UserDuckingPreference NAME NOT FOUND Length: 144
  207. 9:05:49.0876422 PM mqnplay.exe 924 RegCloseKey HKCU\Software\Microsoft\Multimedia\Audio SUCCESS
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!