API tools faq
paste
Advertisement
Guest User

search protect conduit

a guest
Oct 14th, 2014
704
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 354.92 KB | None | 0 0
raw download clone embed print report
  1. "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
  2. "11:02:07,1855795","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  3. "11:02:10,9498233","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  4. "11:02:10,9506298","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  5. "11:02:10,9513816","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  6. "11:02:10,9515467","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  7. "11:02:10,9517800","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  8. "11:02:10,9521940","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  9. "11:02:10,9523465","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  10. "11:02:10,9552891","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  11. "11:02:10,9570256","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  12. "11:02:10,9574036","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  13. "11:02:10,9577877","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  14. "11:02:10,9586744","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  15. "11:02:10,9587655","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  16. "11:02:10,9589912","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  17. "11:02:10,9661865","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  18. "11:02:10,9663762","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  19. "11:02:10,9665665","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  20. "11:02:10,9676850","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  21. "11:02:10,9679750","PowerISO6.exe","3696","Process Create","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","PID: 3552, Command line: regsvr32.exe /s /u ""C:\Programme\PowerISO\PWRISOSH.DLL"""
  22. "11:02:10,9679778","regsvr32.exe","3552","Process Start","","SUCCESS","Parent PID: 3696, Command line: regsvr32.exe /s /u ""C:\Programme\PowerISO\PWRISOSH.DLL"", Current directory: C:\Programme\PowerISO\, Environment:
  23. =::=::\
  24. ALLUSERSPROFILE=C:\Dokumente und Einstellungen\All Users.WINDOWS
  25. APPDATA=C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
  26. CLIENTNAME=Console
  27. CommonProgramFiles=C:\Programme\Gemeinsame Dateien
  28. COMPUTERNAME=VM-40A11EDE3A0F
  29. ComSpec=C:\WINDOWS\system32\cmd.exe
  30. FP_NO_HOST_CHECK=NO
  31. HOMEDRIVE=C:
  32. HOMEPATH=\Dokumente und Einstellungen\Administrator
  33. LOGONSERVER=\\VM-40A11EDE3A0F
  34. NUMBER_OF_PROCESSORS=1
  35. OS=Windows_NT
  36. Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Python27;C:\Python33
  37. PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
  38. PROCESSOR_ARCHITECTURE=x86
  39. PROCESSOR_IDENTIFIER=x86 Family 6 Model 58 Stepping 9, GenuineIntel
  40. PROCESSOR_LEVEL=6
  41. PROCESSOR_REVISION=3a09
  42. ProgramFiles=C:\Programme
  43. Python2=C:\Python27\python.exe
  44. Python3=C:\Python33
  45. SESSIONNAME=Console
  46. SystemDrive=C:
  47. SystemRoot=C:\WINDOWS
  48. TEMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  49. TMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  50. USERDOMAIN=VM-40A11EDE3A0F
  51. USERNAME=Administrator
  52. USERPROFILE=C:\Dokumente und Einstellungen\Administrator
  53. windir=C:\WINDOWS"
  54. "11:02:10,9720415","regsvr32.exe","3552","CreateFile","C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened"
  55. "11:02:10,9812337","regsvr32.exe","3552","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  56. "11:02:11,0702389","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  57. "11:02:11,0754792","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  58. "11:02:11,0788034","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  59. "11:02:11,0815026","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  60. "11:02:11,0842781","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  61. "11:02:11,0862518","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  62. "11:02:11,0875464","regsvr32.exe","3552","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  63. "11:02:11,0912527","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  64. "11:02:11,1107077","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\msacm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  65. "11:02:11,1504622","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  66. "11:02:11,2542782","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  67. "11:02:11,2559963","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  68. "11:02:11,2603756","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  69. "11:02:11,3142202","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  70. "11:02:11,3411054","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  71. "11:02:11,3548868","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  72. "11:02:11,3626892","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  73. "11:02:11,3627766","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  74. "11:02:11,3683240","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  75. "11:02:11,3762484","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  76. "11:02:11,3799475","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  77. "11:02:11,3810884","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  78. "11:02:11,3812407","regsvr32.exe","3552","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  79. "11:02:11,4495882","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  80. "11:02:11,4587399","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  81. "11:02:11,4604055","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  82. "11:02:11,4900380","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  83. "11:02:11,5174988","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  84. "11:02:11,5195650","regsvr32.exe","3552","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  85. "11:02:11,5718998","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  86. "11:02:11,5723896","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  87. "11:02:11,5728561","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  88. "11:02:11,5735277","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  89. "11:02:11,5745284","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  90. "11:02:11,5746552","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  91. "11:02:11,5748117","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  92. "11:02:11,5765063","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  93. "11:02:11,5768750","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers\scdemu.sys","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  94. "11:02:11,5791575","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers\scdemu.sys","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  95. "11:02:11,5795469","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers\scdemu.sys","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  96. "11:02:11,5796212","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\drivers","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  97. "11:02:11,5938306","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  98. "11:02:11,5938901","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  99. "11:02:11,5956774","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  100. "11:02:11,5957411","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  101. "11:02:11,5958660","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  102. "11:02:11,5959839","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  103. "11:02:11,5960359","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  104. "11:02:11,5961440","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  105. "11:02:11,5971827","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  106. "11:02:11,5978850","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  107. "11:02:11,5985912","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  108. "11:02:11,5998872","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  109. "11:02:11,6007298","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  110. "11:02:11,6013038","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  111. "11:02:11,6015550","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  112. "11:02:11,6017237","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  113. "11:02:11,6018087","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  114. "11:02:11,6039271","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  115. "11:02:11,6052309","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  116. "11:02:11,6056941","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  117. "11:02:11,6060274","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  118. "11:02:11,6061690","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  119. "11:02:11,6138462","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  120. "11:02:11,6139613","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  121. "11:02:11,6144728","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  122. "11:02:11,6151104","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  123. "11:02:11,6152037","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  124. "11:02:11,6154431","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  125. "11:02:11,6155395","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  126. "11:02:11,6161088","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  127. "11:02:11,6164963","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  128. "11:02:11,6167444","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  129. "11:02:11,6175459","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  130. "11:02:11,6176428","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  131. "11:02:11,6185259","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Skins","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  132. "11:02:11,6186245","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  133. "11:02:11,6186756","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  134. "11:02:11,6187801","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  135. "11:02:11,6198791","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  136. "11:02:11,6201143","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  137. "11:02:11,6202401","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  138. "11:02:11,6202915","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  139. "11:02:11,6215779","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  140. "11:02:11,6216400","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  141. "11:02:11,6217606","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  142. "11:02:11,6243601","PowerISO6.exe","3696","CreateFile","C:\Programme","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  143. "11:02:11,6244465","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  144. "11:02:11,6245604","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  145. "11:02:11,6248982","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  146. "11:02:11,6275748","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\SimpChinese.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  147. "11:02:11,6276318","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  148. "11:02:11,6550512","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\TradChinese.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  149. "11:02:11,6552015","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  150. "11:02:11,6608041","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\italian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  151. "11:02:11,6609511","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  152. "11:02:11,6640490","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Polish.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  153. "11:02:11,6641040","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  154. "11:02:11,6810162","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\french.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  155. "11:02:11,6810774","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  156. "11:02:11,6907395","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Arabic.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  157. "11:02:11,6908027","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  158. "11:02:11,6928367","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Bulgarian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  159. "11:02:11,6928948","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  160. "11:02:11,6958307","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Korean.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  161. "11:02:11,6959013","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  162. "11:02:11,7004620","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\czech.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  163. "11:02:11,7005198","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  164. "11:02:11,7030447","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Lithuanian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  165. "11:02:11,7031017","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  166. "11:02:11,7059711","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Greek.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  167. "11:02:11,7060283","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  168. "11:02:11,7109686","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Spanish.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  169. "11:02:11,7110248","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  170. "11:02:11,7181810","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Turkish.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  171. "11:02:11,7182899","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  172. "11:02:11,7212685","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Hungarian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  173. "11:02:11,7215364","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  174. "11:02:11,7257347","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\German.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  175. "11:02:11,7257915","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  176. "11:02:11,7297246","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Russian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  177. "11:02:11,7297794","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  178. "11:02:11,7566767","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Japanese.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  179. "11:02:11,7569043","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  180. "11:02:11,7700943","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Slovenian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  181. "11:02:11,7714959","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  182. "11:02:11,8325106","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Swedish.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  183. "11:02:11,8325712","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  184. "11:02:11,8348120","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Norsk.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  185. "11:02:11,8348710","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  186. "11:02:11,8365662","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Portuguese(Brazil).lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  187. "11:02:11,8366226","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  188. "11:02:11,8398967","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Dutch.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  189. "11:02:11,8399554","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  190. "11:02:11,8427859","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Thai.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  191. "11:02:11,8428426","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  192. "11:02:11,8461615","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\danish.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  193. "11:02:11,8462177","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  194. "11:02:11,8495265","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Ukrainian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  195. "11:02:11,8495823","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  196. "11:02:11,8537393","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\croatian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  197. "11:02:11,8537968","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  198. "11:02:11,8560980","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Farsi.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  199. "11:02:11,8561563","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  200. "11:02:11,8592372","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Belarusian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  201. "11:02:11,8592995","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  202. "11:02:11,8633033","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Armenian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  203. "11:02:11,8633620","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  204. "11:02:11,8666088","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Serbian(cyrl).lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  205. "11:02:11,8666658","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  206. "11:02:11,8691418","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Malay.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  207. "11:02:11,8691993","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  208. "11:02:11,8727040","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Bosnian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  209. "11:02:11,8727624","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  210. "11:02:11,8784871","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Slovak.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  211. "11:02:11,8785514","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  212. "11:02:11,8814258","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Vietnamese.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  213. "11:02:11,8814970","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  214. "11:02:11,8841325","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\kazakh.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  215. "11:02:11,8841876","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  216. "11:02:11,8884945","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Indonesian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  217. "11:02:11,8885524","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  218. "11:02:11,8921118","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Azerbaijani.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  219. "11:02:11,8921668","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  220. "11:02:11,8969565","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Urdu(Pakistan).lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  221. "11:02:11,8971054","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  222. "11:02:11,9026421","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang\Romanian.lng","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  223. "11:02:11,9026991","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Lang","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  224. "11:02:11,9083147","PowerISO6.exe","3696","CreateFile","C:\Programme","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  225. "11:02:11,9083962","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  226. "11:02:11,9085812","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  227. "11:02:11,9096654","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\piso.exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  228. "11:02:11,9097347","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  229. "11:02:11,9109060","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  230. "11:02:11,9118835","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  231. "11:02:11,9119419","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  232. "11:02:11,9120439","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  233. "11:02:11,9127719","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  234. "11:02:11,9128809","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  235. "11:02:11,9136234","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  236. "11:02:11,9137307","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  237. "11:02:11,9138844","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  238. "11:02:11,9145962","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  239. "11:02:11,9146534","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  240. "11:02:11,9147549","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  241. "11:02:11,9165850","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  242. "11:02:11,9179187","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  243. "11:02:11,9181841","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  244. "11:02:11,9182299","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  245. "11:02:12,0990143","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\lame_enc.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  246. "11:02:12,1004561","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  247. "11:02:12,1106689","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\libFLAC.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  248. "11:02:12,1107812","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  249. "11:02:12,2058695","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\MACDll.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  250. "11:02:12,2059134","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  251. "11:02:12,2130824","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.chm","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  252. "11:02:12,2131241","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  253. "11:02:12,2273317","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\Readme.txt","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  254. "11:02:12,2273742","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  255. "11:02:12,2329040","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\License.txt","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  256. "11:02:12,2337404","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  257. "11:02:12,2363399","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\History.txt","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  258. "11:02:12,2363820","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  259. "11:02:12,2376093","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  260. "11:02:12,2389810","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  261. "11:02:12,2394327","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  262. "11:02:12,2398663","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  263. "11:02:12,2409519","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOSH.DLL","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  264. "11:02:12,2433257","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOSH.DLL","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  265. "11:02:12,2435751","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOSH.DLL","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  266. "11:02:12,2436156","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  267. "11:02:12,2759315","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  268. "11:02:12,2782198","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  269. "11:02:12,2788852","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  270. "11:02:12,2789721","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  271. "11:02:12,3013437","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\uninstall.exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  272. "11:02:12,3013847","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  273. "11:02:12,5304862","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  274. "11:02:12,5305683","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  275. "11:02:12,5306421","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  276. "11:02:12,5307200","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  277. "11:02:12,5406160","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  278. "11:02:12,5406777","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  279. "11:02:12,5419108","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\PowerISO","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  280. "11:02:12,5423436","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Desktop","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  281. "11:02:12,5424617","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  282. "11:02:12,5441826","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  283. "11:02:12,5444198","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  284. "11:02:12,5445341","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Desktop","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  285. "11:02:12,5447050","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  286. "11:02:12,5447830","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  287. "11:02:12,5453923","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  288. "11:02:12,5463787","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  289. "11:02:12,5467687","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  290. "11:02:12,5468651","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  291. "11:02:12,5477141","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  292. "11:02:12,5477948","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  293. "11:02:12,5489980","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  294. "11:02:12,5490821","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  295. "11:02:12,5491598","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  296. "11:02:12,5497615","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  297. "11:02:12,5498761","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","NAME NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  298. "11:02:12,5509832","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  299. "11:02:12,5510947","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  300. "11:02:12,5511852","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  301. "11:02:12,5512419","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  302. "11:02:12,5513592","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  303. "11:02:12,5520250","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  304. "11:02:12,5521037","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  305. "11:02:12,5521820","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  306. "11:02:12,5526298","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  307. "11:02:12,5527125","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  308. "11:02:12,5528033","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  309. "11:02:12,5529488","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  310. "11:02:12,5530192","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  311. "11:02:12,5530840","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  312. "11:02:12,5539439","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  313. "11:02:12,5540381","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  314. "11:02:12,5593477","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  315. "11:02:12,5612027","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  316. "11:02:12,5613792","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  317. "11:02:12,5621517","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  318. "11:02:12,5622411","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  319. "11:02:12,5623338","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  320. "11:02:12,5636882","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  321. "11:02:12,5639463","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  322. "11:02:12,5642444","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  323. "11:02:12,5759068","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  324. "11:02:12,5771988","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  325. "11:02:12,5775181","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  326. "11:02:12,5790429","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  327. "11:02:12,5792871","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  328. "11:02:12,5807037","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  329. "11:02:12,5820316","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  330. "11:02:12,5830239","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  331. "11:02:12,5837809","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  332. "11:02:12,5862153","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  333. "11:02:12,5872180","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  334. "11:02:12,5874194","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  335. "11:02:12,5879700","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  336. "11:02:12,5880575","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  337. "11:02:12,5884774","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  338. "11:02:12,5906695","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\linkinfo.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  339. "11:02:12,5924105","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ntshrui.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  340. "11:02:12,5935654","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\atl.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  341. "11:02:12,5947480","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  342. "11:02:12,5985113","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ntshrui.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  343. "11:02:12,5989061","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ntshrui.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  344. "11:02:12,5991726","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ntshrui.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  345. "11:02:12,6075004","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  346. "11:02:12,6075390","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  347. "11:02:12,6093546","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\uninstall.exe","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  348. "11:02:12,6098499","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","IS DIRECTORY","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  349. "11:02:12,6099010","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  350. "11:02:12,6100488","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  351. "11:02:12,6112029","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\uninstall.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  352. "11:02:12,6121125","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO\Uninstall PowerISO.lnk","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  353. "11:02:12,6122290","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  354. "11:02:12,6238453","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  355. "11:02:12,6239506","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  356. "11:02:12,6243825","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  357. "11:02:12,6251186","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  358. "11:02:12,6255888","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  359. "11:02:12,6259120","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  360. "11:02:12,6282698","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  361. "11:02:12,6295706","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  362. "11:02:12,6296885","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  363. "11:02:12,6300555","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  364. "11:02:12,6305313","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  365. "11:02:12,6314378","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  366. "11:02:12,6320544","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  367. "11:02:12,6321407","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  368. "11:02:12,6399923","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  369. "11:02:12,6401669","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  370. "11:02:12,6404801","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  371. "11:02:12,6416115","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  372. "11:02:12,6420900","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  373. "11:02:12,6421750","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  374. "11:02:12,6422568","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  375. "11:02:12,6435201","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  376. "11:02:12,6442414","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  377. "11:02:12,6445336","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  378. "11:02:12,6449136","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  379. "11:02:12,6456050","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  380. "11:02:12,6458830","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  381. "11:02:12,6464453","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  382. "11:02:12,6467085","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  383. "11:02:12,6478416","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  384. "11:02:12,6479307","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  385. "11:02:12,6491401","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  386. "11:02:12,6496745","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  387. "11:02:12,6499156","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  388. "11:02:12,6504741","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  389. "11:02:12,6507305","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  390. "11:02:12,6513367","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  391. "11:02:12,6520927","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  392. "11:02:12,6523478","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  393. "11:02:12,6525942","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  394. "11:02:12,6533415","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  395. "11:02:12,6536390","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  396. "11:02:12,6855207","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  397. "11:02:12,6870050","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  398. "11:02:12,6873170","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  399. "11:02:12,7132508","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  400. "11:02:12,7165255","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  401. "11:02:12,7167660","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  402. "11:02:12,7169956","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  403. "11:02:12,7174144","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  404. "11:02:12,7188987","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  405. "11:02:12,7199793","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  406. "11:02:12,7202078","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  407. "11:02:12,7210034","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  408. "11:02:12,7213244","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  409. "11:02:12,7223142","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Bilder\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  410. "11:02:12,7277409","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  411. "11:02:12,7288379","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  412. "11:02:12,7290796","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  413. "11:02:12,7297724","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  414. "11:02:12,7301303","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  415. "11:02:12,7308689","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  416. "11:02:12,7310972","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  417. "11:02:12,7330466","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  418. "11:02:12,7341006","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  419. "11:02:12,7344034","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Musik\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  420. "11:02:12,7354106","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  421. "11:02:12,7364436","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  422. "11:02:12,7365350","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  423. "11:02:12,7373466","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  424. "11:02:12,7376583","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  425. "11:02:12,7389040","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  426. "11:02:12,7391331","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  427. "11:02:12,7418929","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  428. "11:02:12,7422544","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  429. "11:02:12,7425467","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Dokumente\Eigene Videos\Desktop.ini","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  430. "11:02:12,7588898","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  431. "11:02:12,7637471","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  432. "11:02:12,7643969","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  433. "11:02:12,7666059","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  434. "11:02:12,7690735","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.chm","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  435. "11:02:12,7708561","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","IS DIRECTORY","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  436. "11:02:12,7710148","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  437. "11:02:12,7719384","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  438. "11:02:12,7729745","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO\PowerISO Help.lnk","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  439. "11:02:12,7730396","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  440. "11:02:12,7913844","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  441. "11:02:12,7929190","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  442. "11:02:12,7939767","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  443. "11:02:12,7945907","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  444. "11:02:12,7959188","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  445. "11:02:12,7966563","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","IS DIRECTORY","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  446. "11:02:12,7972416","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  447. "11:02:12,7977833","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  448. "11:02:12,7983588","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  449. "11:02:12,8005068","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO\PowerISO.lnk","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  450. "11:02:12,8005529","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  451. "11:02:12,8135509","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  452. "11:02:12,8177143","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  453. "11:02:12,8178769","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  454. "11:02:12,8194589","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  455. "11:02:12,8206661","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  456. "11:02:12,8209267","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","IS DIRECTORY","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  457. "11:02:12,8209767","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  458. "11:02:12,8218319","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  459. "11:02:12,8221945","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  460. "11:02:12,8233147","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO\PowerISO Virtual Drive Manager.lnk","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  461. "11:02:12,8233586","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\PowerISO","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  462. "11:02:12,8333199","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  463. "11:02:12,8351017","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  464. "11:02:12,8355308","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  465. "11:02:12,8373073","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  466. "11:02:12,8383535","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  467. "11:02:12,8387569","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","IS DIRECTORY","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  468. "11:02:12,8388089","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  469. "11:02:12,8389461","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  470. "11:02:12,8401490","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PowerISO.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  471. "11:02:12,8411888","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\PowerISO.lnk","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  472. "11:02:12,8412324","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  473. "11:02:12,8488688","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  474. "11:02:12,8493343","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  475. "11:02:12,8497846","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  476. "11:02:12,8502506","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  477. "11:02:12,9019560","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  478. "11:02:12,9025013","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  479. "11:02:12,9029520","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  480. "11:02:12,9048567","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  481. "11:02:12,9053143","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  482. "11:02:12,9058669","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  483. "11:02:12,9063219","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  484. "11:02:12,9069290","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  485. "11:02:12,9073550","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  486. "11:02:12,9077833","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  487. "11:02:12,9094366","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  488. "11:02:12,9147923","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  489. "11:02:12,9189442","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  490. "11:02:12,9193934","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  491. "11:02:12,9202184","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  492. "11:02:12,9213775","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  493. "11:02:12,9218077","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  494. "11:02:12,9224553","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  495. "11:02:12,9229419","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  496. "11:02:12,9233836","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  497. "11:02:12,9239848","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  498. "11:02:12,9244273","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  499. "11:02:12,9250799","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  500. "11:02:12,9255138","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  501. "11:02:12,9288983","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  502. "11:02:12,9298749","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  503. "11:02:12,9318755","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  504. "11:02:12,9348320","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  505. "11:02:13,8374017","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  506. "11:02:13,8377146","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  507. "11:02:13,8401566","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  508. "11:02:13,8408519","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  509. "11:02:13,8612953","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  510. "11:02:19,9874012","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ieframe.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  511. "11:02:20,0065883","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ieframe.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  512. "11:02:20,0071873","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ieframe.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  513. "11:02:20,0106179","PowerISO6.exe","3696","CreateFile","C:\Programme\Internet Explorer\iexplore.exe","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  514. "11:02:20,1019164","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ieframe.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  515. "11:02:20,1022776","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\ieframe.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  516. "11:02:20,2085081","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  517. "11:02:20,2101916","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\de-de\ieframe.dll.mui","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  518. "11:02:20,2351822","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  519. "11:02:20,2352763","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  520. "11:02:20,2354674","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  521. "11:02:20,2366555","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  522. "11:02:20,2368978","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  523. "11:02:20,2370475","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  524. "11:02:20,2393182","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  525. "11:02:20,2402515","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  526. "11:02:20,2406144","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  527. "11:02:20,2409530","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  528. "11:02:20,2416377","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  529. "11:02:20,2427287","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  530. "11:02:20,2444194","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  531. "11:02:20,2450343","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  532. "11:02:20,2451832","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  533. "11:02:20,2454022","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  534. "11:02:20,2455511","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  535. "11:02:20,2457397","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  536. "11:02:20,2468574","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  537. "11:02:20,2472108","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  538. "11:02:20,2475726","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  539. "11:02:20,2479989","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  540. "11:02:20,2484579","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  541. "11:02:20,2485456","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  542. "11:02:20,2487278","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  543. "11:02:20,2508152","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  544. "11:02:20,2509333","PowerISO6.exe","3696","CreateFile","C:\WINDOWS","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  545. "11:02:20,2510747","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  546. "11:02:20,2523159","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\regsvr32.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  547. "11:02:20,2736538","PowerISO6.exe","3696","Process Create","C:\WINDOWS\system32\regsvr32.exe","SUCCESS","PID: 3988, Command line: ""C:\WINDOWS\system32\regsvr32.exe"" /s /u ""C:\Programme\PowerISO\PWRISOSH.DLL"""
  548. "11:02:20,2736569","regsvr32.exe","3988","Process Start","","SUCCESS","Parent PID: 3696, Command line: ""C:\WINDOWS\system32\regsvr32.exe"" /s /u ""C:\Programme\PowerISO\PWRISOSH.DLL"", Current directory: C:\Programme\PowerISO, Environment:
  549. =::=::\
  550. ALLUSERSPROFILE=C:\Dokumente und Einstellungen\All Users.WINDOWS
  551. APPDATA=C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
  552. CLIENTNAME=Console
  553. CommonProgramFiles=C:\Programme\Gemeinsame Dateien
  554. COMPUTERNAME=VM-40A11EDE3A0F
  555. ComSpec=C:\WINDOWS\system32\cmd.exe
  556. FP_NO_HOST_CHECK=NO
  557. HOMEDRIVE=C:
  558. HOMEPATH=\Dokumente und Einstellungen\Administrator
  559. LOGONSERVER=\\VM-40A11EDE3A0F
  560. NUMBER_OF_PROCESSORS=1
  561. OS=Windows_NT
  562. Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Python27;C:\Python33
  563. PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
  564. PROCESSOR_ARCHITECTURE=x86
  565. PROCESSOR_IDENTIFIER=x86 Family 6 Model 58 Stepping 9, GenuineIntel
  566. PROCESSOR_LEVEL=6
  567. PROCESSOR_REVISION=3a09
  568. ProgramFiles=C:\Programme
  569. Python2=C:\Python27\python.exe
  570. Python3=C:\Python33
  571. SESSIONNAME=Console
  572. SystemDrive=C:
  573. SystemRoot=C:\WINDOWS
  574. TEMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  575. TMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  576. USERDOMAIN=VM-40A11EDE3A0F
  577. USERNAME=Administrator
  578. USERPROFILE=C:\Dokumente und Einstellungen\Administrator
  579. windir=C:\WINDOWS"
  580. "11:02:20,2766154","regsvr32.exe","3988","CreateFile","C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened"
  581. "11:02:20,2820677","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\shdocvw.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  582. "11:02:20,2836638","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  583. "11:02:20,2847209","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  584. "11:02:20,2858179","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\cryptui.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  585. "11:02:20,2873553","regsvr32.exe","3988","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  586. "11:02:20,2878662","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\CRYPTUI.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  587. "11:02:20,2879526","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\CRYPTUI.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  588. "11:02:20,2975113","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\wintrust.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  589. "11:02:20,3032252","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  590. "11:02:20,3041652","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\shdocvw.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  591. "11:02:20,3045516","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\SHDOCVW.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  592. "11:02:20,3047952","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\SHDOCVW.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  593. "11:02:20,3126085","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  594. "11:02:20,3176200","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  595. "11:02:20,3183103","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  596. "11:02:20,3212548","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  597. "11:02:20,3219133","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  598. "11:02:20,3228104","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  599. "11:02:20,3230875","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  600. "11:02:20,3235591","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  601. "11:02:20,3249386","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  602. "11:02:20,3255107","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  603. "11:02:20,3258705","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  604. "11:02:20,3265044","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  605. "11:02:20,3267508","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  606. "11:02:20,3268452","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  607. "11:02:20,3279258","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  608. "11:02:20,3280205","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  609. "11:02:20,3308049","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  610. "11:02:20,3309013","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  611. "11:02:20,3320663","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  612. "11:02:20,3622332","PowerISO6.exe","3696","CreateFile","C:\Programme\PowerISO\PWRISOVM.EXE.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  613. "11:02:20,3625894","PowerISO6.exe","3696","Process Create","C:\Programme\PowerISO\PWRISOVM.EXE","SUCCESS","PID: 3996, Command line: ""C:\Programme\PowerISO\PWRISOVM.EXE"" 999"
  614. "11:02:20,3625942","PWRISOVM.EXE","3996","Process Start","","SUCCESS","Parent PID: 3696, Command line: ""C:\Programme\PowerISO\PWRISOVM.EXE"" 999, Current directory: C:\Programme\PowerISO, Environment:
  615. =::=::\
  616. ALLUSERSPROFILE=C:\Dokumente und Einstellungen\All Users.WINDOWS
  617. APPDATA=C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
  618. CLIENTNAME=Console
  619. CommonProgramFiles=C:\Programme\Gemeinsame Dateien
  620. COMPUTERNAME=VM-40A11EDE3A0F
  621. ComSpec=C:\WINDOWS\system32\cmd.exe
  622. FP_NO_HOST_CHECK=NO
  623. HOMEDRIVE=C:
  624. HOMEPATH=\Dokumente und Einstellungen\Administrator
  625. LOGONSERVER=\\VM-40A11EDE3A0F
  626. NUMBER_OF_PROCESSORS=1
  627. OS=Windows_NT
  628. Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Python27;C:\Python33
  629. PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
  630. PROCESSOR_ARCHITECTURE=x86
  631. PROCESSOR_IDENTIFIER=x86 Family 6 Model 58 Stepping 9, GenuineIntel
  632. PROCESSOR_LEVEL=6
  633. PROCESSOR_REVISION=3a09
  634. ProgramFiles=C:\Programme
  635. Python2=C:\Python27\python.exe
  636. Python3=C:\Python33
  637. SESSIONNAME=Console
  638. SystemDrive=C:
  639. SystemRoot=C:\WINDOWS
  640. TEMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  641. TMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  642. USERDOMAIN=VM-40A11EDE3A0F
  643. USERNAME=Administrator
  644. USERPROFILE=C:\Dokumente und Einstellungen\Administrator
  645. windir=C:\WINDOWS"
  646. "11:02:20,3807504","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\Prefetch\PWRISOVM.EXE-0334CCA0.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  647. "11:02:20,3816346","PWRISOVM.EXE","3996","CreateFile","C:\Programme\PowerISO","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  648. "11:02:20,3835242","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\shimeng.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  649. "11:02:20,3963018","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  650. "11:02:20,3966359","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\winspool.drv","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  651. "11:02:20,3991270","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  652. "11:02:20,4012156","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  653. "11:02:20,4034281","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  654. "11:02:20,4080128","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  655. "11:02:20,4114582","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  656. "11:02:20,4127838","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  657. "11:02:20,4132213","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  658. "11:02:20,4146595","regsvr32.exe","3988","CreateFile","C:\WINDOWS\AppPatch\AcGenral.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  659. "11:02:20,4157722","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  660. "11:02:20,4161476","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  661. "11:02:20,4174958","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  662. "11:02:20,4188949","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  663. "11:02:20,4248770","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  664. "11:02:20,4280894","PowerISO6.exe","3696","CreateFile","C:\Programme","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  665. "11:02:20,4285417","PowerISO6.exe","3696","CreateFile","C:\Programme\Google","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  666. "11:02:20,4286895","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  667. "11:02:20,4554104","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  668. "11:02:20,4566424","PowerISO6.exe","3696","CreateFile","C:\Programme\Google\Chrome\Application\chrome.exe.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  669. "11:02:20,4803421","PowerISO6.exe","3696","Process Create","C:\Programme\Google\Chrome\Application\chrome.exe","SUCCESS","PID: 4032, Command line: ""C:\Programme\Google\Chrome\Application\chrome.exe"" -- ""http://www.poweriso.com/thank-you-for-installing.htm"""
  670. "11:02:20,4991886","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  671. "11:02:20,5005086","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  672. "11:02:20,5038392","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  673. "11:02:20,5052324","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\msacm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  674. "11:02:20,5055182","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  675. "11:02:20,5162997","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  676. "11:02:20,5176298","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  677. "11:02:20,5206810","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  678. "11:02:20,5218278","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  679. "11:02:20,5316914","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  680. "11:02:20,5323004","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  681. "11:02:20,5344565","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  682. "11:02:20,5355907","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  683. "11:02:20,5371124","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  684. "11:02:20,5488033","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  685. "11:02:20,5488815","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  686. "11:02:20,5570359","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  687. "11:02:20,5929399","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  688. "11:02:20,5932838","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  689. "11:02:20,5960037","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  690. "11:02:20,6088439","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  691. "11:02:20,6089272","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  692. "11:02:20,6280762","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  693. "11:02:20,6285305","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  694. "11:02:20,6287146","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  695. "11:02:20,6301536","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  696. "11:02:20,6386354","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  697. "11:02:20,6387248","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  698. "11:02:20,6504458","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  699. "11:02:20,6535742","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  700. "11:02:20,6545746","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  701. "11:02:20,6607446","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  702. "11:02:20,6615475","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  703. "11:02:20,6617875","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  704. "11:02:20,6631061","regsvr32.exe","3988","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  705. "11:02:21,0230845","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  706. "11:02:21,0232237","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  707. "11:02:21,0233779","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  708. "11:02:21,0288582","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  709. "11:02:21,0292239","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  710. "11:02:21,0335370","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  711. "11:02:21,0383798","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  712. "11:02:21,0418721","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  713. "11:02:21,0419705","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  714. "11:02:21,0467694","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  715. "11:02:21,0490527","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\comctl32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  716. "11:02:21,0522000","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  717. "11:02:21,0571456","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  718. "11:02:21,0615475","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsc20.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  719. "11:02:21,0620951","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  720. "11:02:21,0623809","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  721. "11:02:21,0627047","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsc20.tmp","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  722. "11:02:21,0630687","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsc20.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  723. "11:02:21,0639858","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  724. "11:02:21,0669122","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  725. "11:02:21,0672592","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  726. "11:02:21,0692927","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  727. "11:02:21,0699777","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  728. "11:02:21,1062339","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  729. "11:02:21,1075062","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  730. "11:02:21,1076003","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  731. "11:02:21,1087491","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  732. "11:02:21,1090905","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  733. "11:02:21,1092813","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  734. "11:02:21,1117140","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  735. "11:02:21,1131859","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  736. "11:02:21,1136301","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  737. "11:02:21,1140578","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  738. "11:02:21,1178368","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  739. "11:02:21,1184313","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read, Write Attributes, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  740. "11:02:21,1202639","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  741. "11:02:21,1207187","regsvr32.exe","3988","CreateFile","C:\Programme\PowerISO\PWRISOSH.DLL","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  742. "11:02:21,1211641","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  743. "11:02:21,1420784","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  744. "11:02:21,1489500","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  745. "11:02:21,1782383","regsvr32.exe","3988","CreateFile","C:\Programme\PowerISO\PWRISOSH.DLL","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  746. "11:02:21,1799126","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  747. "11:02:21,1811742","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  748. "11:02:21,1817170","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\AppPatch\systest.sdb","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  749. "11:02:21,1819056","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  750. "11:02:21,1822101","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  751. "11:02:21,1823087","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  752. "11:02:21,1832367","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  753. "11:02:21,1834270","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  754. "11:02:21,1838136","PWRISOVM.EXE","3996","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  755. "11:02:21,1859793","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  756. "11:02:21,1876898","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  757. "11:02:21,1878491","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  758. "11:02:21,1880114","regsvr32.exe","3988","CreateFile","C:\WINDOWS\system32\winspool.drv","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  759. "11:02:21,1890336","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  760. "11:02:21,1897485","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  761. "11:02:21,1914085","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  762. "11:02:21,1916102","PowerISO6.exe","3696","Process Create","C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\sp-downloader.exe","SUCCESS","PID: 4052, Command line: ""C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\sp-downloader.exe"" -carrier_type=ctid -carrier_id=ct3321459 -platform=all -startpage=true -defaultsearch=true -install_time_revert=true -local=de "
  763. "11:02:21,1916130","sp-downloader.exe","4052","Process Start","","SUCCESS","Parent PID: 3696, Command line: ""C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp\sp-downloader.exe"" -carrier_type=ctid -carrier_id=ct3321459 -platform=all -startpage=true -defaultsearch=true -install_time_revert=true -local=de , Current directory: C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp, Environment:
  764. =::=::\
  765. ALLUSERSPROFILE=C:\Dokumente und Einstellungen\All Users.WINDOWS
  766. APPDATA=C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten
  767. CLIENTNAME=Console
  768. CommonProgramFiles=C:\Programme\Gemeinsame Dateien
  769. COMPUTERNAME=VM-40A11EDE3A0F
  770. ComSpec=C:\WINDOWS\system32\cmd.exe
  771. FP_NO_HOST_CHECK=NO
  772. HOMEDRIVE=C:
  773. HOMEPATH=\Dokumente und Einstellungen\Administrator
  774. LOGONSERVER=\\VM-40A11EDE3A0F
  775. NUMBER_OF_PROCESSORS=1
  776. OS=Windows_NT
  777. Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Python27;C:\Python33
  778. PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
  779. PROCESSOR_ARCHITECTURE=x86
  780. PROCESSOR_IDENTIFIER=x86 Family 6 Model 58 Stepping 9, GenuineIntel
  781. PROCESSOR_LEVEL=6
  782. PROCESSOR_REVISION=3a09
  783. ProgramFiles=C:\Programme
  784. Python2=C:\Python27\python.exe
  785. Python3=C:\Python33
  786. SESSIONNAME=Console
  787. SystemDrive=C:
  788. SystemRoot=C:\WINDOWS
  789. TEMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  790. TMP=C:\DOKUME~1\ADMINI~1\LOKALE~1\Temp
  791. USERDOMAIN=VM-40A11EDE3A0F
  792. USERNAME=Administrator
  793. USERPROFILE=C:\Dokumente und Einstellungen\Administrator
  794. windir=C:\WINDOWS"
  795. "11:02:21,1940742","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\Prefetch\SP-DOWNLOADER.EXE-293A46B0.pf","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a"
  796. "11:02:21,1953092","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  797. "11:02:21,2197422","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  798. "11:02:21,2238807","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  799. "11:02:21,2251868","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\imm32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  800. "11:02:21,2315029","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\shell32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  801. "11:02:21,2330984","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  802. "11:02:21,2356635","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\SHELL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  803. "11:02:21,2436704","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  804. "11:02:21,2437584","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  805. "11:02:21,2452994","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  806. "11:02:21,2485747","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  807. "11:02:21,2500522","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  808. "11:02:21,2511158","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  809. "11:02:21,2513541","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WindowsShell.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  810. "11:02:21,2597247","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  811. "11:02:21,2609871","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  812. "11:02:21,2626748","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\comctl32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  813. "11:02:21,2628958","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\COMCTL32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  814. "11:02:21,2635229","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\COMCTL32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  815. "11:02:21,2678299","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rpcss.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  816. "11:02:21,2697740","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  817. "11:02:21,2709350","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\uxtheme.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  818. "11:02:21,3055305","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  819. "11:02:21,3103392","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  820. "11:02:21,3149923","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\shfolder.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  821. "11:02:21,3214870","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\setupapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  822. "11:02:21,3334670","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  823. "11:02:21,3365353","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  824. "11:02:21,3370781","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  825. "11:02:21,3374103","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  826. "11:02:21,3507483","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  827. "11:02:21,3511148","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsh21.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  828. "11:02:21,3540531","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsh21.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  829. "11:02:21,3553637","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\sp-downloader.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  830. "11:02:21,4196168","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz22.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  831. "11:02:21,4201873","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz22.tmp","SUCCESS","Desired Access: Generic Read/Write, Delete, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Delete On Close, Attributes: T, ShareMode: None, AllocationSize: 0, OpenResult: Overwritten"
  832. "11:02:21,4202873","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  833. "11:02:21,4264006","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  834. "11:02:21,4276114","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  835. "11:02:21,4283428","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  836. "11:02:21,4289819","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  837. "11:02:21,4295544","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  838. "11:02:21,4297061","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  839. "11:02:21,4303271","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  840. "11:02:21,4305570","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
  841. "11:02:21,4324860","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  842. "11:02:21,4351291","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  843. "11:02:21,4362435","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  844. "11:02:21,4373992","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  845. "11:02:21,4900847","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  846. "11:02:21,4914999","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  847. "11:02:21,4924009","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  848. "11:02:21,4936854","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  849. "11:02:21,4947202","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  850. "11:02:21,4952705","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  851. "11:02:21,4958276","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  852. "11:02:21,4965193","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  853. "11:02:21,5033009","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  854. "11:02:21,5045943","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  855. "11:02:21,5065116","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  856. "11:02:21,5085284","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  857. "11:02:21,5107904","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  858. "11:02:21,5124764","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  859. "11:02:21,5136718","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  860. "11:02:21,5148253","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  861. "11:02:21,5149448","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  862. "11:02:21,5152801","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  863. "11:02:21,5154622","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  864. "11:02:21,5158757","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp","NAME COLLISION","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Attributes: N, ShareMode: Read, Write, AllocationSize: 0"
  865. "11:02:21,5161101","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  866. "11:02:21,5167892","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  867. "11:02:21,5174641","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  868. "11:02:21,5483041","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  869. "11:02:21,6585340","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  870. "11:02:21,6624887","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  871. "11:02:21,7522973","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  872. "11:02:21,7530117","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  873. "11:02:21,7542141","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  874. "11:02:21,7924619","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll.2.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  875. "11:02:21,7927799","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll.2.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  876. "11:02:21,7951933","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\MiniStubUtils.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  877. "11:02:21,7956459","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\winlogon.exe","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  878. "11:02:21,7983462","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\xpsp2res.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  879. "11:02:21,7999347","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\clbcatq.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  880. "11:02:21,8022693","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\comres.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  881. "11:02:21,8041863","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\Registration\R000000000007.clb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  882. "11:02:21,8145276","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  883. "11:02:21,8190843","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\wbemprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  884. "11:02:21,8261713","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\wbemcomn.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  885. "11:02:21,8280410","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\ws2_32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  886. "11:02:21,8304369","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\ws2help.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  887. "11:02:21,8557775","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  888. "11:02:21,8566941","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\wbemsvc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  889. "11:02:21,8745120","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  890. "11:02:21,8765877","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wbem\fastprox.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  891. "11:02:21,8779954","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msvcp60.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  892. "11:02:21,8794752","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\ntdsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  893. "11:02:21,8819208","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dnsapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  894. "11:02:21,8846055","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\netapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  895. "11:02:24,0565869","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  896. "11:02:24,0575965","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  897. "11:02:24,1009836","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  898. "11:02:24,1053154","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  899. "11:02:24,1088265","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  900. "11:02:24,1095363","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rsaenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  901. "11:02:24,1431604","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  902. "11:02:24,1438301","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  903. "11:02:24,1444016","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  904. "11:02:24,1448961","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  905. "11:02:24,1456973","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  906. "11:02:24,1463480","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  907. "11:02:24,1468863","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  908. "11:02:24,1475775","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  909. "11:02:24,2109500","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  910. "11:02:24,2128846","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  911. "11:02:24,2139881","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  912. "11:02:24,2147380","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  913. "11:02:24,2378739","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  914. "11:02:24,2379602","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\urlmon.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  915. "11:02:24,2492306","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  916. "11:02:24,2522690","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\PowerISO_Setup.txt","NAME NOT FOUND","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
  917. "11:02:24,2536127","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  918. "11:02:24,2544545","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  919. "11:02:24,2548757","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  920. "11:02:24,2552892","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  921. "11:02:24,2557063","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  922. "11:02:24,2561672","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  923. "11:02:24,2565793","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  924. "11:02:24,2569953","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  925. "11:02:24,2574372","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  926. "11:02:24,2588064","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  927. "11:02:24,2592322","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  928. "11:02:24,2596601","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  929. "11:02:24,2600756","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  930. "11:02:24,2604918","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  931. "11:02:24,3092030","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  932. "11:02:24,3103755","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  933. "11:02:24,3110415","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  934. "11:02:24,3285583","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  935. "11:02:24,3648601","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  936. "11:02:24,3649369","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\WININET.dll.123.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  937. "11:02:24,4073546","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  938. "11:02:24,4118169","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  939. "11:02:24,4123837","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  940. "11:02:24,4128587","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  941. "11:02:24,4306880","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  942. "11:02:24,4311875","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  943. "11:02:24,4316750","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  944. "11:02:24,4321511","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  945. "11:02:24,4339546","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  946. "11:02:24,4344382","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  947. "11:02:24,4348995","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  948. "11:02:24,4353244","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  949. "11:02:24,4357510","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  950. "11:02:24,4373635","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  951. "11:02:24,4377912","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  952. "11:02:24,4382264","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  953. "11:02:24,4395218","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  954. "11:02:24,4398939","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  955. "11:02:24,4432860","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  956. "11:02:24,4451851","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  957. "11:02:24,4464227","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  958. "11:02:24,4629550","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  959. "11:02:24,4673069","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSCTFIME.IME","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  960. "11:02:24,5212568","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  961. "11:02:24,5565574","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  962. "11:02:24,5602087","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  963. "11:02:24,5629146","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  964. "11:02:24,5642153","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  965. "11:02:24,5651255","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  966. "11:02:24,5652901","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  967. "11:02:24,5658337","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  968. "11:02:24,5661991","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  969. "11:02:24,5671987","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  970. "11:02:24,5674054","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5\index.dat","SUCCESS","Desired Access: Generic Read/Write, Disposition: OpenIf, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Attributes: HSNCI, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Opened"
  971. "11:02:24,5688126","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  972. "11:02:24,5691065","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf\History.IE5","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  973. "11:02:24,6287825","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M888A4D8A-D73E-432C-AFF8-1DDB6C2A283D","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Created"
  974. "11:02:24,6288780","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  975. "11:02:24,6330607","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rasapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  976. "11:02:24,6461531","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rasman.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  977. "11:02:24,6477030","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  978. "11:02:24,6489918","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rtutils.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  979. "11:02:24,6499061","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\winmm.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  980. "11:02:24,6551953","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\tapi32.dll","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  981. "11:02:24,6556161","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Manifest","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  982. "11:02:24,6558968","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\TAPI32.dll.124.Config","NAME NOT FOUND","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a"
  983. "11:02:24,6699832","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  984. "11:02:24,7074070","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msapsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  985. "11:02:24,7116223","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  986. "11:02:24,7173401","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  987. "11:02:24,8249557","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  988. "11:02:24,8257843","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  989. "11:02:24,8271672","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  990. "11:02:24,8280667","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  991. "11:02:24,8301757","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\digest.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  992. "11:02:24,8326087","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  993. "11:02:24,8326922","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  994. "11:02:24,8329168","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  995. "11:02:24,8345382","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msnsspc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  996. "11:02:24,8360150","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  997. "11:02:24,8360926","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  998. "11:02:24,8373090","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msvcrt40.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  999. "11:02:24,8407181","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1000. "11:02:24,8413366","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msv1_0.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1001. "11:02:24,8425622","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\cryptdll.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1002. "11:02:24,8438984","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\iphlpapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1003. "11:02:24,8483537","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Microsoft\Network\Connections\Pbk","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1004. "11:02:24,8485571","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\ras","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1005. "11:02:24,8532037","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1006. "11:02:24,8534806","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1007. "11:02:24,8564192","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1008. "11:02:24,8565016","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1009. "11:02:24,8566458","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1010. "11:02:24,8598090","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1011. "11:02:24,8598862","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1012. "11:02:24,9097609","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\Network\Connections\Pbk\","PATH NOT FOUND","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a"
  1013. "11:02:24,9159324","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\sensapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1014. "11:02:24,9236490","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1015. "11:02:24,9242354","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\mswsock.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1016. "11:02:24,9475800","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\rasadhlp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1017. "11:02:25,2277385","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1018. "11:02:25,2510320","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1019. "11:02:25,2544433","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1020. "11:02:25,2581192","PowerISO6.exe","3696","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1021. "11:02:25,2693231","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1022. "11:02:25,2758116","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\hnetcfg.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1023. "11:02:25,2824010","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1024. "11:02:25,2828488","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1025. "11:02:25,2841149","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1026. "11:02:25,2847438","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wshtcpip.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1027. "11:02:25,2870983","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1028. "11:02:25,2875419","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1029. "11:02:25,2907929","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1030. "11:02:25,2933644","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1031. "11:02:25,3361961","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1032. "11:02:25,3394711","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1033. "11:02:25,3399234","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1034. "11:02:25,3871448","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1035. "11:02:25,7738272","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1036. "11:02:25,7940867","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1037. "11:02:25,8021766","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1038. "11:02:25,8643535","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1039. "11:02:25,8677427","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M888A4D8A-D73E-432C-AFF8-1DDB6C2A283D","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1040. "11:02:25,9330860","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1041. "11:02:25,9335581","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1042. "11:02:25,9337455","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\inet.txt1_M888A4D8A-D73E-432C-AFF8-1DDB6C2A283D","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1043. "11:02:25,9378737","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1044. "11:02:25,9408657","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1045. "11:02:25,9413540","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1046. "11:02:25,9417887","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1047. "11:02:25,9977006","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1048. "11:02:25,9978269","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1049. "11:02:25,9985619","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1050. "11:02:26,0311521","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1051. "11:02:26,0430611","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1052. "11:02:26,0437235","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1053. "11:02:26,0446923","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1054. "11:02:26,0791372","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1055. "11:02:26,0815347","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1056. "11:02:26,0953138","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1057. "11:02:26,1022887","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1058. "11:02:26,1027732","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1059. "11:02:26,1390160","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsp29.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1060. "11:02:26,1414786","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1061. "11:02:26,1421332","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1062. "11:02:26,1433339","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1063. "11:02:26,1437851","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1064. "11:02:26,1439301","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1065. "11:02:26,1448609","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1066. "11:02:26,1450414","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1067. "11:02:26,1463089","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1068. "11:02:26,1467329","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsp29.tmp","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1069. "11:02:26,1479714","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1070. "11:02:26,1483885","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1071. "11:02:26,1485994","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsp29.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1072. "11:02:26,1498012","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1073. "11:02:26,1637611","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1074. "11:02:26,1642382","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1075. "11:02:26,1655465","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1076. "11:02:26,1660008","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1077. "11:02:26,1666969","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1078. "11:02:26,1859748","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1079. "11:02:26,1883868","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1080. "11:02:26,1886654","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1081. "11:02:26,1891987","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1082. "11:02:26,1915534","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1083. "11:02:26,1924371","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1084. "11:02:26,1936294","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1085. "11:02:26,1940496","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1086. "11:02:26,1943613","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1087. "11:02:26,1963689","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1088. "11:02:26,1968100","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1089. "11:02:26,1972503","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1090. "11:02:26,1973592","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1091. "11:02:26,1978883","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1092. "11:02:26,1990234","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1093. "11:02:26,1997514","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1094. "11:02:26,2446937","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1095. "11:02:26,2450362","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1096. "11:02:26,2455486","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1097. "11:02:26,2464766","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1098. "11:02:26,2472502","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1099. "11:02:26,2481232","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1100. "11:02:26,2485381","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1101. "11:02:26,2486811","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1102. "11:02:26,2491845","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1103. "11:02:26,2500472","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1104. "11:02:26,2509671","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1105. "11:02:26,2521335","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1106. "11:02:26,2525542","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1107. "11:02:26,2526978","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1108. "11:02:26,2532225","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1109. "11:02:26,2544011","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1110. "11:02:26,2551828","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1111. "11:02:26,2559527","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1112. "11:02:26,2563709","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1113. "11:02:26,2568972","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1114. "11:02:26,2587243","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1115. "11:02:26,2592880","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1116. "11:02:26,2841549","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsu2A.tmp","SUCCESS","Desired Access: Generic Read, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1117. "11:02:26,2844225","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1118. "11:02:26,3065952","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1119. "11:02:26,3067689","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1120. "11:02:26,3541755","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1121. "11:02:26,3703798","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1122. "11:02:26,3846850","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1123. "11:02:26,3898326","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1124. "11:02:26,4105014","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1125. "11:02:26,4110026","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\inetc.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1126. "11:02:26,4126964","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1127. "11:02:26,4509076","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1128. "11:02:26,4513395","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1129. "11:02:26,4638517","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\MSIMTF.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1130. "11:02:26,4716628","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1131. "11:02:26,4721075","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1132. "11:02:26,4735449","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1133. "11:02:26,4741299","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsu2A.tmp","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: 0, OpenResult: Overwritten"
  1134. "11:02:26,4742240","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1135. "11:02:26,4754546","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1136. "11:02:26,4758781","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1137. "11:02:26,4857917","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1138. "11:02:26,4868910","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1139. "11:02:26,4873134","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1140. "11:02:26,4885395","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1141. "11:02:26,4889041","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\crypt32.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1142. "11:02:26,4907038","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\msasn1.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1143. "11:02:26,5025502","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1144. "11:02:26,5129795","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1145. "11:02:26,5176695","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1146. "11:02:26,5454814","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1147. "11:02:26,5487215","PowerISO6.exe","3696","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1148. "11:02:26,5519713","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1149. "11:02:26,5682731","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1150. "11:02:26,5695529","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1151. "11:02:26,5698588","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1152. "11:02:26,5706368","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1153. "11:02:26,5711796","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\InstOpt.dll","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1154. "11:02:26,5715020","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1155. "11:02:26,5725941","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\nsDialogs.dll","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1156. "11:02:26,5727390","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1157. "11:02:26,5738453","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1158. "11:02:26,5892316","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\nsDialogs.dll","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1159. "11:02:26,5912478","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1160. "11:02:26,5934878","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\OCSetupHlp.dll","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1161. "11:02:26,5943789","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\OCSetupHlp.dll","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1162. "11:02:26,5952506","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1163. "11:02:26,5964862","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1164. "11:02:26,5966357","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\OCSetupHlp.dll","SUCCESS","Desired Access: Read Attributes, Delete, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1165. "11:02:26,6146921","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1166. "11:02:26,6148276","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1167. "11:02:26,6157898","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp\System.dll","SUCCESS","Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1168. "11:02:26,6186924","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\wintrust.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1169. "11:02:26,6605351","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1170. "11:02:26,6737524","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\schannel.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1171. "11:02:26,6742134","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1172. "11:02:26,6868228","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1173. "11:02:26,7043231","PowerISO6.exe","3696","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nss6.tmp","SUCCESS","Desired Access: Read Attributes, Delete, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1174. "11:02:26,7840760","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1175. "11:02:26,7848207","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1176. "11:02:26,7854069","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1177. "11:02:26,7877133","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1178. "11:02:26,8570461","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1179. "11:02:26,8584913","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1180. "11:02:26,8871969","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1181. "11:02:26,9098470","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1182. "11:02:26,9176192","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\dssenh.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1183. "11:02:27,1716325","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1184. "11:02:27,1770807","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1185. "11:02:27,1774883","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1186. "11:02:27,1780515","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1187. "11:02:27,1790013","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1188. "11:02:27,1795416","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1189. "11:02:27,1800246","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1190. "11:02:27,1813440","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1191. "11:02:27,1919518","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1192. "11:02:27,1931531","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1193. "11:02:27,2816557","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  1194. "11:02:27,2817699","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\Certificates","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1195. "11:02:27,2821895","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CRLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1196. "11:02:27,2828734","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\SystemCertificates\My\CTLs","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1197. "11:02:27,3130734","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\cryptnet.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1198. "11:02:27,3245472","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\psapi.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1199. "11:02:27,3257236","sp-downloader.exe","4052","CreateFile","C:\WINDOWS\system32\winhttp.dll","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  1200. "11:02:27,3915107","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1201. "11:02:27,3925494","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1202. "11:02:27,3928564","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1203. "11:02:27,3931855","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1204. "11:02:27,3935987","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1205. "11:02:27,3939040","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1206. "11:02:27,3961864","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1207. "11:02:27,4153517","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  1208. "11:02:27,7737411","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1209. "11:02:27,7756707","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1210. "11:02:27,7769211","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1211. "11:02:27,7775145","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1212. "11:02:27,7848657","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1213. "11:02:27,7867623","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1214. "11:02:27,7979227","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1215. "11:02:27,8024808","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\FB788E090BC1F3AA2FBC9E8FB2859601","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1216. "11:02:27,8025297","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1217. "11:02:27,8075183","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\FB788E090BC1F3AA2FBC9E8FB2859601","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1218. "11:02:27,8091951","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1219. "11:02:27,8260679","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1220. "11:02:27,8270549","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1221. "11:02:27,8373076","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1222. "11:02:27,8804999","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1223. "11:02:27,8826877","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1224. "11:02:27,8973797","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1225. "11:02:27,9107907","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1226. "11:02:27,9218474","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  1227. "11:02:28,3388420","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1228. "11:02:28,3791488","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1229. "11:02:28,4044788","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1230. "11:02:28,4084841","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1231. "11:02:28,4323374","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1232. "11:02:28,4688663","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1233. "11:02:28,4820669","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1234. "11:02:28,4952471","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1235. "11:02:28,4952870","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1236. "11:02:28,5091731","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1237. "11:02:28,5092181","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1238. "11:02:28,5876868","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1239. "11:02:28,5897236","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1240. "11:02:28,5909576","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1241. "11:02:28,6020358","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1242. "11:02:28,6039268","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1243. "11:02:28,6182091","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1244. "11:02:28,6296711","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1245. "11:02:28,6458453","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F","NAME NOT FOUND","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a"
  1246. "11:02:29,2159515","sp-downloader.exe","4052","CreateFile","C:\AUTOEXEC.BAT","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  1247. "11:02:29,2256717","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1248. "11:02:29,2279835","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1249. "11:02:29,3099732","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1250. "11:02:29,3110184","sp-downloader.exe","4052","CreateFile","C:\","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1251. "11:02:29,3118632","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1252. "11:02:29,3305451","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1253. "11:02:29,3317724","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData\7D1F03728133589A90656A87E482B21F","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1254. "11:02:29,3318143","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\MetaData","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1255. "11:02:29,3345945","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content\7D1F03728133589A90656A87E482B21F","SUCCESS","Desired Access: Generic Read/Write, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: S, ShareMode: None, AllocationSize: 0, OpenResult: Created"
  1256. "11:02:29,3346406","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Microsoft\CryptnetUrlCache\Content","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Open For Backup, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  1257. "11:02:29,5150250","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temporary Internet Files\Content.IE5\ONMNSLY5\downloadstub[1]","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: NCI, ShareMode: Read, Write, Delete, AllocationSize: 0, OpenResult: Created"
  1258. "11:02:29,6110956","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
  1259. "11:02:29,6121474","sp-downloader.exe","4052","CreateFile","C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\nsz23.tmp\System.dll","NAME COLLISION","Desired Access: Generic Write, Read Attributes, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: A, ShareMode: Read, AllocationSize: 0"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!