1	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
2	16:07:07	cmd.exe:5624	IRP_MJ_DIRECTORY_CONTROL	E:\Dev-C++\Bin\	SUCCESS	FileBothDirectoryInformation: rundll32.exe	
3	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Attributes: Any Options: Open 	
4	16:07:07	cmd.exe:5624	IRP_MJ_DIRECTORY_CONTROL	E:\Dev-C++\Bin\	SUCCESS	FileBothDirectoryInformation: rundll32.exe	
5	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
6	16:07:07	cmd.exe:5624	IRP_MJ_DIRECTORY_CONTROL	E:\Dev-C++\Bin\	SUCCESS	FileBothDirectoryInformation: rundll32.exe	
7	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
8	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
9	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Attributes: Any Options: Open 	
10	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
11	16:07:07	cmd.exe:5624	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
12	16:07:07	cmd.exe:5624	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
13	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
14	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Attributes: Any Options: Open 	
15	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
16	16:07:07	cmd.exe:5624	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
17	16:07:07	cmd.exe:5624	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
18	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
19	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Attributes: Any Options: Open 	
20	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
21	16:07:07	cmd.exe:5624	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
22	16:07:07	cmd.exe:5624	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
23	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
24	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Attributes: Any Options: Open 	
25	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
26	16:07:07	cmd.exe:5624	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
27	16:07:07	cmd.exe:5624	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
28	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
29	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
30	16:07:07	cmd.exe:5624	IRP_MJ_DIRECTORY_CONTROL	E:\Dev-C++\Bin\	SUCCESS	FileBothDirectoryInformation: rundll32.exe	
31	16:07:07	cmd.exe:5624	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	FileNameInformation	
32	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
33	16:07:07	cmd.exe:5624	IRP_MJ_DIRECTORY_CONTROL	E:\Dev-C++\Bin\	SUCCESS	FileBothDirectoryInformation: rundll32.exe	
34	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
35	16:07:07	cmd.exe:5624	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	Size: 33280	
36	16:07:07	cmd.exe:5624	IRP_MJ_CREATE	E:\Dev-C++\Bin\rundll32.exe.Manifest	FILE NOT FOUND	Attributes: Any Options: Open 	
37	16:07:07	cmd.exe:5624	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
38	16:07:07	cmd.exe:5624	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
39	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	FileNameInformation	
40	16:07:07	cmd.exe:5624	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
41	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Attributes: Any Options: Open 	
42	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Size: 15530	
43	16:07:07	rundll32.exe:4220	IRP_MJ_READ 	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Offset: 0 Length: 15530	
44	16:07:07	System:4220	IRP_MJ_CLEANUP	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
45	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:	SUCCESS	Attributes: Any Options: Open 	
46	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	C:	BUFFER OVERFLOW	FileFsVolumeInformation	
47	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:	SUCCESS	Attributes: Any Options: Open 	
48	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	E:	BUFFER OVERFLOW	FileFsVolumeInformation	
49	16:07:07	rundll32.exe:4220	IOCTL: 0x90120	C:	SUCCESS		
50	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\	SUCCESS	Attributes: Any Options: Open Directory 	
51	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\	SUCCESS	FileNamesInformation	
52	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\	NO MORE FILES	FileNamesInformation	
53	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\	SUCCESS	Attributes: Any Options: Open Directory 	
54	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	SUCCESS	FileNamesInformation	
55	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	NO MORE FILES	FileNamesInformation	
56	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\APPPATCH\	SUCCESS	Attributes: Any Options: Open Directory 	
57	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\APPPATCH\	SUCCESS	FileNamesInformation	
58	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\APPPATCH\	NO MORE FILES	FileNamesInformation	
59	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\	SUCCESS	Attributes: Any Options: Open Directory 	
60	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
61	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
62	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
63	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
64	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
65	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	SUCCESS	FileNamesInformation	
66	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\	NO MORE FILES	FileNamesInformation	
67	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\CONFIG\	SUCCESS	Attributes: Any Options: Open Directory 	
68	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\CONFIG\	SUCCESS	FileNamesInformation	
69	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\SYSTEM32\CONFIG\	NO MORE FILES	FileNamesInformation	
70	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WINSXS\	SUCCESS	Attributes: Any Options: Open Directory 	
71	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\WINSXS\	SUCCESS	FileNamesInformation	
72	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\WINSXS\	NO MORE FILES	FileNamesInformation	
73	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\	SUCCESS	Attributes: Any Options: Open Directory 	
74	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\	SUCCESS	FileNamesInformation	
75	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\	NO MORE FILES	FileNamesInformation	
76	16:07:07	rundll32.exe:4220	IOCTL: 0x90120	E:	SUCCESS		
77	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\	SUCCESS	Attributes: Any Options: Open Directory 	
78	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\	SUCCESS	FileNamesInformation	
79	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\	NO MORE FILES	FileNamesInformation	
80	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\DEV-C++\	SUCCESS	Attributes: Any Options: Open Directory 	
81	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\DEV-C++\	SUCCESS	FileNamesInformation	
82	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\DEV-C++\	NO MORE FILES	FileNamesInformation	
83	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\DEV-C++\BIN\	SUCCESS	Attributes: Any Options: Open Directory 	
84	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\DEV-C++\BIN\	SUCCESS	FileNamesInformation	
85	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	E:\DEV-C++\BIN\	NO MORE FILES	FileNamesInformation	
86	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\NTDLL.DLL	SUCCESS	Attributes: N Options: Open 	
87	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\NTDLL.DLL	SUCCESS	Size: 708096	
88	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\KERNEL32.DLL	SUCCESS	Attributes: N Options: Open 	
89	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\KERNEL32.DLL	SUCCESS	Size: 984576	
90	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\UNICODE.NLS	SUCCESS	Attributes: N Options: Open 	
91	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\UNICODE.NLS	SUCCESS	Size: 89588	
92	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\LOCALE.NLS	SUCCESS	Attributes: N Options: Open 	
93	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\LOCALE.NLS	SUCCESS	Size: 249270	
94	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SORTTBLS.NLS	SUCCESS	Attributes: N Options: Open 	
95	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SORTTBLS.NLS	SUCCESS	Size: 22040	
96	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSVCRT.DLL	SUCCESS	Attributes: N Options: Open 	
97	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\MSVCRT.DLL	SUCCESS	Size: 343040	
98	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\GDI32.DLL	SUCCESS	Attributes: N Options: Open 	
99	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\GDI32.DLL	SUCCESS	Size: 282112	
100	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\USER32.DLL	SUCCESS	Attributes: N Options: Open 	
101	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\USER32.DLL	SUCCESS	Size: 577536	
102	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL	SUCCESS	Attributes: N Options: Open 	
103	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL	SUCCESS	Size: 144384	
104	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHIMENG.DLL	SUCCESS	Attributes: N Options: Open 	
105	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SHIMENG.DLL	SUCCESS	Size: 65536	
106	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\APPPATCH\SYSMAIN.SDB	SUCCESS	Attributes: N Options: Open 	
107	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\APPPATCH\SYSMAIN.SDB	SUCCESS	Size: 1190796	
108	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\APPPATCH\ACGENRAL.DLL	SUCCESS	Attributes: N Options: Open 	
109	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\APPPATCH\ACGENRAL.DLL	SUCCESS	Size: 1852416	
110	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\ADVAPI32.DLL	SUCCESS	Attributes: N Options: Open 	
111	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\ADVAPI32.DLL	SUCCESS	Size: 616960	
112	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\RPCRT4.DLL	SUCCESS	Attributes: N Options: Open 	
113	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\RPCRT4.DLL	SUCCESS	Size: 584192	
114	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SECUR32.DLL	SUCCESS	Attributes: N Options: Open 	
115	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SECUR32.DLL	SUCCESS	Size: 55808	
116	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WINMM.DLL	SUCCESS	Attributes: N Options: Open 	
117	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\WINMM.DLL	SUCCESS	Size: 176128	
118	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\OLE32.DLL	SUCCESS	Attributes: N Options: Open 	
119	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\OLE32.DLL	SUCCESS	Size: 1285120	
120	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\OLEAUT32.DLL	SUCCESS	Attributes: N Options: Open 	
121	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\OLEAUT32.DLL	SUCCESS	Size: 549376	
122	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSACM32.DLL	SUCCESS	Attributes: N Options: Open 	
123	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\MSACM32.DLL	SUCCESS	Size: 71680	
124	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\VERSION.DLL	SUCCESS	Attributes: N Options: Open 	
125	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\VERSION.DLL	SUCCESS	Size: 18944	
126	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHELL32.DLL	SUCCESS	Attributes: N Options: Open 	
127	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SHELL32.DLL	SUCCESS	Size: 8454656	
128	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHLWAPI.DLL	SUCCESS	Attributes: N Options: Open 	
129	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SHLWAPI.DLL	SUCCESS	Size: 474112	
130	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\USERENV.DLL	SUCCESS	Attributes: N Options: Open 	
131	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\USERENV.DLL	SUCCESS	Size: 723456	
132	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\UXTHEME.DLL	SUCCESS	Attributes: N Options: Open 	
133	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\UXTHEME.DLL	SUCCESS	Size: 218624	
134	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\CTYPE.NLS	SUCCESS	Attributes: N Options: Open 	
135	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\CTYPE.NLS	SUCCESS	Size: 8386	
136	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\IMM32.DLL	SUCCESS	Attributes: N Options: Open 	
137	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\IMM32.DLL	SUCCESS	Size: 110080	
138	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\COMCTL32.DLL	SUCCESS	Attributes: N Options: Open 	
139	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\COMCTL32.DLL	SUCCESS	Size: 1054208	
140	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WINDOWSSHELL.MANIFEST	SUCCESS	Attributes: N Options: Open 	
141	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WINDOWSSHELL.MANIFEST	SUCCESS	Size: 749	
142	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\COMCTL32.DLL	SUCCESS	Attributes: N Options: Open 	
143	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\COMCTL32.DLL	SUCCESS	Size: 617472	
144	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\DEV-C++\BIN\DESKTOP.DLL	SUCCESS	Attributes: N Options: Open 	
145	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	E:\DEV-C++\BIN\DESKTOP.DLL	SUCCESS	Size: 98304	
146	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WS2_32.DLL	SUCCESS	Attributes: N Options: Open 	
147	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\WS2_32.DLL	SUCCESS	Size: 82944	
148	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WS2HELP.DLL	SUCCESS	Attributes: N Options: Open 	
149	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\WS2HELP.DLL	SUCCESS	Size: 19968	
150	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SORTKEY.NLS	SUCCESS	Attributes: N Options: Open 	
151	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\SORTKEY.NLS	SUCCESS	Size: 262148	
152	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSCTF.DLL	SUCCESS	Attributes: N Options: Open 	
153	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\MSCTF.DLL	SUCCESS	Size: 294400	
154	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\C_1252.NLS	SUCCESS	Attributes: N Options: Open 	
155	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\C_1252.NLS	SUCCESS	Size: 66082	
156	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSCTFIME.IME	SUCCESS	Attributes: N Options: Open 	
157	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\MSCTFIME.IME	SUCCESS	Size: 177152	
158	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\UNKNOWN\LOCALS~1\TEMP\77696E766965772E6F6378FA.TMP	FILE NOT FOUND	Attributes: N Options: Open 	
159	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM	SHARING VIOLATION	Attributes: N Options: Open 	
160	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSTMDM.DLL	SUCCESS	Attributes: N Options: Open 	
161	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\MSTMDM.DLL	SUCCESS	Size: 98304	
162	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE	SHARING VIOLATION	Attributes: N Options: Open 	
163	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\APPHELP.DLL	SUCCESS	Attributes: N Options: Open 	
164	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\APPHELP.DLL	SUCCESS	Size: 126976	
165	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\EXPLORER.EXE	SUCCESS	Attributes: N Options: Open 	
166	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\EXPLORER.EXE	SUCCESS	Size: 1033216	
167	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WINVIEW.OCX	SUCCESS	Attributes: N Options: Open 	
168	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\SYSTEM32\WINVIEW.OCX	SUCCESS	Size: 321	
169	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\NTDLL.DLL	SUCCESS		
170	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\KERNEL32.DLL	SUCCESS		
171	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\UNICODE.NLS	SUCCESS		
172	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\LOCALE.NLS	SUCCESS		
173	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SORTTBLS.NLS	SUCCESS		
174	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSVCRT.DLL	SUCCESS		
175	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\GDI32.DLL	SUCCESS		
176	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\USER32.DLL	SUCCESS		
177	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL	SUCCESS		
178	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHIMENG.DLL	SUCCESS		
179	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\APPPATCH\SYSMAIN.SDB	SUCCESS		
180	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\APPPATCH\ACGENRAL.DLL	SUCCESS		
181	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\ADVAPI32.DLL	SUCCESS		
182	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\RPCRT4.DLL	SUCCESS		
183	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SECUR32.DLL	SUCCESS		
184	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WINMM.DLL	SUCCESS		
185	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\OLE32.DLL	SUCCESS		
186	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\OLEAUT32.DLL	SUCCESS		
187	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSACM32.DLL	SUCCESS		
188	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\VERSION.DLL	SUCCESS		
189	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHELL32.DLL	SUCCESS		
190	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHLWAPI.DLL	SUCCESS		
191	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\USERENV.DLL	SUCCESS		
192	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\UXTHEME.DLL	SUCCESS		
193	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\CTYPE.NLS	SUCCESS		
194	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\IMM32.DLL	SUCCESS		
195	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\COMCTL32.DLL	SUCCESS		
196	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WINDOWSSHELL.MANIFEST	SUCCESS		
197	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\COMCTL32.DLL	SUCCESS		
198	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\DEV-C++\BIN\DESKTOP.DLL	SUCCESS		
199	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WS2_32.DLL	SUCCESS		
200	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WS2HELP.DLL	SUCCESS		
201	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SORTKEY.NLS	SUCCESS		
202	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSCTF.DLL	SUCCESS		
203	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\C_1252.NLS	SUCCESS		
204	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSCTFIME.IME	SUCCESS		
205	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSTMDM.DLL	SUCCESS		
206	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\APPHELP.DLL	SUCCESS		
207	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\EXPLORER.EXE	SUCCESS		
208	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WINVIEW.OCX	SUCCESS		
209	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\NTDLL.DLL	SUCCESS	Attributes: N Options: Open 	
210	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\KERNEL32.DLL	SUCCESS	Attributes: N Options: Open 	
211	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSVCRT.DLL	SUCCESS	Attributes: N Options: Open 	
212	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\GDI32.DLL	SUCCESS	Attributes: N Options: Open 	
213	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\USER32.DLL	SUCCESS	Attributes: N Options: Open 	
214	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL	SUCCESS	Attributes: N Options: Open 	
215	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHIMENG.DLL	SUCCESS	Attributes: N Options: Open 	
216	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\APPPATCH\ACGENRAL.DLL	SUCCESS	Attributes: N Options: Open 	
217	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\ADVAPI32.DLL	SUCCESS	Attributes: N Options: Open 	
218	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\RPCRT4.DLL	SUCCESS	Attributes: N Options: Open 	
219	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SECUR32.DLL	SUCCESS	Attributes: N Options: Open 	
220	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WINMM.DLL	SUCCESS	Attributes: N Options: Open 	
221	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\OLE32.DLL	SUCCESS	Attributes: N Options: Open 	
222	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\OLEAUT32.DLL	SUCCESS	Attributes: N Options: Open 	
223	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSACM32.DLL	SUCCESS	Attributes: N Options: Open 	
224	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\VERSION.DLL	SUCCESS	Attributes: N Options: Open 	
225	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHELL32.DLL	SUCCESS	Attributes: N Options: Open 	
226	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\SHLWAPI.DLL	SUCCESS	Attributes: N Options: Open 	
227	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\USERENV.DLL	SUCCESS	Attributes: N Options: Open 	
228	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\UXTHEME.DLL	SUCCESS	Attributes: N Options: Open 	
229	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\IMM32.DLL	SUCCESS	Attributes: N Options: Open 	
230	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\COMCTL32.DLL	SUCCESS	Attributes: N Options: Open 	
231	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\COMCTL32.DLL	SUCCESS	Attributes: N Options: Open 	
232	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\DEV-C++\BIN\DESKTOP.DLL	SUCCESS	Attributes: N Options: Open 	
233	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WS2_32.DLL	SUCCESS	Attributes: N Options: Open 	
234	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\WS2HELP.DLL	SUCCESS	Attributes: N Options: Open 	
235	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSCTF.DLL	SUCCESS	Attributes: N Options: Open 	
236	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\MSCTFIME.IME	SUCCESS	Attributes: N Options: Open 	
237	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\SYSTEM32\APPHELP.DLL	SUCCESS	Attributes: N Options: Open 	
238	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\NTDLL.DLL	SUCCESS		
239	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\KERNEL32.DLL	SUCCESS		
240	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSVCRT.DLL	SUCCESS		
241	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\GDI32.DLL	SUCCESS		
242	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\USER32.DLL	SUCCESS		
243	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\IMAGEHLP.DLL	SUCCESS		
244	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHIMENG.DLL	SUCCESS		
245	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\APPPATCH\ACGENRAL.DLL	SUCCESS		
246	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\ADVAPI32.DLL	SUCCESS		
247	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\RPCRT4.DLL	SUCCESS		
248	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SECUR32.DLL	SUCCESS		
249	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WINMM.DLL	SUCCESS		
250	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\OLE32.DLL	SUCCESS		
251	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\OLEAUT32.DLL	SUCCESS		
252	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSACM32.DLL	SUCCESS		
253	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\VERSION.DLL	SUCCESS		
254	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHELL32.DLL	SUCCESS		
255	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\SHLWAPI.DLL	SUCCESS		
256	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\USERENV.DLL	SUCCESS		
257	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\UXTHEME.DLL	SUCCESS		
258	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\IMM32.DLL	SUCCESS		
259	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WINSXS\X86_MICROSOFT.WINDOWS.COMMON-CONTROLS_6595B64144CCF1DF_6.0.2600.2982_X-WW_AC3F9C03\COMCTL32.DLL	SUCCESS		
260	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\COMCTL32.DLL	SUCCESS		
261	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\DEV-C++\BIN\DESKTOP.DLL	SUCCESS		
262	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WS2_32.DLL	SUCCESS		
263	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\WS2HELP.DLL	SUCCESS		
264	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSCTF.DLL	SUCCESS		
265	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\MSCTFIME.IME	SUCCESS		
266	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\SYSTEM32\APPHELP.DLL	SUCCESS		
267	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\Dev-C++\Bin	SUCCESS	Attributes: Any Options: Open Directory 	
268	16:07:07	rundll32.exe:4220	FSCTL_IS_VOLUME_MOUNTED	E:\Dev-C++\Bin	SUCCESS		
269	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
270	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
271	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
272	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\ShimEng.dll	SUCCESS	Attributes: Any Options: Open 	
273	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\ShimEng.dll	SUCCESS		
274	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\ShimEng.dll	SUCCESS		
275	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Attributes: N Options: Open 	
276	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
277	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
278	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
279	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\systest.sdb	FILE NOT FOUND	Attributes: N Options: Open 	
280	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Attributes: N Options: Open 	
281	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
282	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
283	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
284	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Attributes: Any Options: Open 	
285	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Size: 1852416	
286	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
287	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
288	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
289	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Attributes: Any Options: Open 	
290	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Size: 1852416	
291	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
292	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
293	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
294	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS	Attributes: Any Options: Open 	
295	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
296	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\AcGenral.DLL	SUCCESS		
297	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
298	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
299	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\WINMM.dll	SUCCESS	Attributes: Any Options: Open 	
300	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\WINMM.dll	SUCCESS		
301	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\WINMM.dll	SUCCESS		
302	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
303	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
304	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\MSACM32.dll	SUCCESS	Attributes: Any Options: Open 	
305	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\MSACM32.dll	SUCCESS		
306	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\MSACM32.dll	SUCCESS		
307	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
308	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
309	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\UxTheme.dll	SUCCESS	Attributes: Any Options: Open 	
310	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\UxTheme.dll	SUCCESS		
311	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\UxTheme.dll	SUCCESS		
312	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
313	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
314	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
315	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: Any Options: Open 	
316	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Size: 110080	
317	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
318	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
319	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
320	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: Any Options: Open 	
321	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Size: 110080	
322	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
323	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
324	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
325	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: Any Options: Open 	
326	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
327	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
328	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
329	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
330	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\rundll32.exe	BUFFER OVERFLOW	FileNameInformation	
331	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\rundll32.exe	SUCCESS	FileNameInformation	
332	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\software.LOG	SUCCESS	FileEndOfFileInformation	
333	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\software.LOG	SUCCESS	FileEndOfFileInformation	
334	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\SHELL32.dll	SUCCESS	Attributes: Any Options: Open 	
335	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\SHELL32.dll	SUCCESS	Size: 8454656	
336	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\SHELL32.dll.124.Manifest	FILE NOT FOUND	Attributes: Any Options: Open 	
337	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\SHELL32.dll.124.Config	FILE NOT FOUND	Attributes: Any Options: Open 	
338	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\SHELL32.dll	SUCCESS		
339	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\SHELL32.dll	SUCCESS		
340	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
341	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
342	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03	SUCCESS	Attributes: Any Options: Open Directory 	
343	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS	Attributes: Any Options: Open 	
344	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS	Size: 1054208	
345	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS		
346	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS		
347	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS	Attributes: Any Options: Open 	
348	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS		
349	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll	SUCCESS		
350	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
351	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Attributes: Any Options: Open 	
352	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Size: 749	
353	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
354	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
355	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
356	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Attributes: Any Options: Open 	
357	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Size: 749	
358	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
359	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
360	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Attributes: Any Options: Open 	
361	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Size: 749	
362	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Size: 749	
363	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\WindowsShell.Config	FILE NOT FOUND	Attributes: Any Options: Open 	
364	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
365	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
366	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\comctl32.dll	SUCCESS	Attributes: Any Options: Open 	
367	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\comctl32.dll	SUCCESS	Size: 617472	
368	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\comctl32.dll.124.Manifest	FILE NOT FOUND	Attributes: Any Options: Open 	
369	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\comctl32.dll.124.Config	FILE NOT FOUND	Attributes: Any Options: Open 	
370	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\comctl32.dll	SUCCESS		
371	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\comctl32.dll	SUCCESS		
372	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
373	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
374	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Attributes: Any Options: Open 	
375	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Size: 98304	
376	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\Dev-C++\Bin\desktop.dll.123.Manifest	FILE NOT FOUND	Attributes: Any Options: Open 	
377	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
378	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
379	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
380	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Attributes: Any Options: Open 	
381	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
382	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
383	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
384	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
385	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\WS2_32.dll	SUCCESS	Attributes: Any Options: Open 	
386	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\WS2_32.dll	SUCCESS		
387	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\WS2_32.dll	SUCCESS		
388	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
389	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
390	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\WS2HELP.dll	SUCCESS	Attributes: Any Options: Open 	
391	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\WS2HELP.dll	SUCCESS		
392	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\WS2HELP.dll	SUCCESS		
393	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\1.txt	SUCCESS	Attributes: Any Options: OverwriteIf 	
394	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\1.txt	SUCCESS		
395	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\1.txt	SUCCESS		
396	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\1.txt	SUCCESS	Attributes: Any Options: Open 	
397	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\1.txt	SUCCESS	FileObjectIdInformation	
398	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\1.txt	SUCCESS	FileDispositionInformation	
399	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\1.txt	SUCCESS		
400	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\1.txt	SUCCESS		
401	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\	NAME COLLISION	Attributes: N Options: Create Directory 	
402	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp	NAME COLLISION	Attributes: N Options: Create Directory 	
403	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS	NAME COLLISION	Attributes: N Options: Create Directory 	
404	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\1.txt	SUCCESS	Attributes: Any Options: OverwriteIf 	
405	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\1.txt	SUCCESS		
406	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\1.txt	SUCCESS		
407	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\1.txt	SUCCESS	Attributes: Any Options: Open 	
408	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\1.txt	SUCCESS	FileObjectIdInformation	
409	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\1.txt	SUCCESS	FileDispositionInformation	
410	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\1.txt	SUCCESS		
411	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\1.txt	SUCCESS		
412	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\	NAME COLLISION	Attributes: N Options: Create Directory 	
413	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp	NAME COLLISION	Attributes: N Options: Create Directory 	
414	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS	NAME COLLISION	Attributes: N Options: Create Directory 	
415	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
416	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
417	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Attributes: Any Options: Open 	
418	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Size: 294400	
419	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
420	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
421	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
422	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Attributes: Any Options: Open 	
423	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
424	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
425	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
426	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
427	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
428	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
429	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
430	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Size: 177152	
431	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
432	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
433	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
434	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
435	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Size: 177152	
436	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
437	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
438	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
439	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
440	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Size: 177152	
441	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
442	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
443	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
444	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
445	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Size: 177152	
446	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
447	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
448	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
449	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
450	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Size: 177152	
451	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
452	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
453	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
454	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: Any Options: Open 	
455	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
456	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
457	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
458	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
459	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
460	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\__1.dat	SUCCESS	Attributes: N Options: OverwriteIf 	
461	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\__1.dat	SUCCESS		
462	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\__1.dat	SUCCESS		
463	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\__1.dat	SUCCESS	Attributes: Any Options: Open 	
464	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\system32\__1.dat	SUCCESS	FileObjectIdInformation	
465	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\__1.dat	SUCCESS	FileDispositionInformation	
466	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\__1.dat	SUCCESS		
467	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\__1.dat	SUCCESS		
468	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\win.com	SUCCESS	Attributes: N Options: Open 	
469	16:07:07	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	C:\WINDOWS\system32\win.com	SUCCESS	Attributes: A	
470	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\win.com	SUCCESS		
471	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\win.com	SUCCESS		
472	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\dswiz.dat	FILE NOT FOUND	Attributes: N Options: Open 	
473	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\	NAME COLLISION	Attributes: N Options: Create Directory 	
474	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Attributes: N Options: OpenIf 	
475	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 0	
476	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 0	
477	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 0 Length: 31	
478	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 31	
479	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	FAILURE	Offset: 31 Length: 54	
480	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 31 Length: 54	
481	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
482	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	Attributes: N Options: Create 	
483	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
484	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
485	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	Attributes: Any Options: Open 	
486	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	FileObjectIdInformation	
487	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	FileDispositionInformation	
488	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
489	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
490	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Attributes: Any Options: Open 	
491	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileObjectIdInformation	
492	16:07:07	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Attributes: HSA	
493	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	Attributes: Any Options: Open 	
494	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileRenameInformation	
495	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
496	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
497	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 85	
498	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	FAILURE	Offset: 85 Length: 107	
499	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 85 Length: 107	
500	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	Attributes: Any Options: Open 	
501	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS	FileObjectIdInformation	
502	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\system.LOG	SUCCESS	FileEndOfFileInformation	
503	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\system.LOG	SUCCESS	FileEndOfFileInformation	
504	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\system.LOG	SUCCESS	FileEndOfFileInformation	
505	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\system.LOG	SUCCESS	FileEndOfFileInformation	
506	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\config\system.LOG	SUCCESS	FileEndOfFileInformation	
507	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
508	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\~DFBA.tmp	SUCCESS		
509	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Attributes: Any Options: Open Sequential 	
510	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\desktop.dll	SUCCESS	FileObjectIdInformation	
511	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Size: 98304	
512	16:07:07	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Attributes: HSA	
513	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\desktop.dll	SUCCESS	FileStreamInformation	
514	16:07:07	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Attributes: HSA	
515	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\Dev-C++\Bin\desktop.dll	SUCCESS	FileEaInformation	
516	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Attributes: HSA Options: Create Sequential 	
517	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileFsAttributeInformation	
518	16:07:07	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Attributes: HSA	
519	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	E:\Dev-C++\Bin\desktop.dll	SUCCESS	FileFsAttributeInformation	
520	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileEndOfFileInformation	
521	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	E:\Dev-C++\Bin\desktop.dll	SUCCESS	Size: 98304	
522	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Offset: 0 Length: 65536	
523	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Offset: 65536 Length: 32768	
524	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileBasicInformation	
525	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
526	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\desktop.dll	SUCCESS		
527	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\mstmdm.dll	SUCCESS		
528	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 192	
529	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	FAILURE	Offset: 192 Length: 82	
530	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 192 Length: 82	
531	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	Attributes: N Options: Open 	
532	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS	FileBasicInformation	
533	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\mstmdm.dll	SUCCESS		
534	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\mstmdm.dll	SUCCESS		
535	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	E:\	SUCCESS	Attributes: Any Options: Open Directory 	
536	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	E:\	SUCCESS	FileNameInformation	
537	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	E:\	SUCCESS	FileFsVolumeInformation	
538	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_VOLUME_INFORMATION	E:\	SUCCESS	FileFsAttributeInformation	
539	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	E:\	SUCCESS		
540	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\	SUCCESS		
541	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 274	
542	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	FAILURE	Offset: 274 Length: 29	
543	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 274 Length: 29	
544	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
545	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
546	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
547	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
548	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
549	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
550	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe	SUCCESS	Attributes: Any Options: Open 	
551	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
552	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\Apphelp.dll	SUCCESS	Attributes: Any Options: Open 	
553	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\Apphelp.dll	SUCCESS	Size: 126976	
554	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\Apphelp.dll	SUCCESS		
555	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\Apphelp.dll	SUCCESS		
556	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
557	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\Apphelp.dll	SUCCESS	Attributes: Any Options: Open 	
558	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\Apphelp.dll	SUCCESS		
559	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\Apphelp.dll	SUCCESS		
560	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Attributes: N Options: Open 	
561	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
562	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
563	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Size: 1190796	
564	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\AppPatch\systest.sdb	FILE NOT FOUND	Attributes: N Options: Open 	
565	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\	SUCCESS	Attributes: Any Options: Open Directory 	
566	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: explorer.exe	
567	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\	SUCCESS		
568	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\	SUCCESS		
569	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
570	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\	SUCCESS	Attributes: Any Options: Open Directory 	
571	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\	SUCCESS	FileBothDirectoryInformation: WINDOWS	
572	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\	SUCCESS		
573	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\	SUCCESS		
574	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\	SUCCESS	Attributes: Any Options: Open Directory 	
575	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: explorer.exe	
576	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\	SUCCESS		
577	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\	SUCCESS		
578	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
579	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
580	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe	SUCCESS	Attributes: Any Options: Open 	
581	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
582	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\explorer.exe	SUCCESS		
583	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\explorer.exe	SUCCESS		
584	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
585	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe	SUCCESS	Attributes: Any Options: Open 	
586	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
587	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\explorer.exe	SUCCESS		
588	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\explorer.exe	SUCCESS		
589	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
590	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe	SUCCESS	Attributes: Any Options: Open 	
591	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
592	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\explorer.exe	SUCCESS		
593	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\explorer.exe	SUCCESS		
594	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
595	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe	SUCCESS	Attributes: Any Options: Open 	
596	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
597	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\explorer.exe	SUCCESS		
598	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\explorer.exe	SUCCESS		
599	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
600	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\	SUCCESS	Attributes: Any Options: Open Directory 	
601	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\	SUCCESS	FileBothDirectoryInformation: WINDOWS	
602	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\	SUCCESS		
603	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\	SUCCESS		
604	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\	SUCCESS	Attributes: Any Options: Open Directory 	
605	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: explorer.exe	
606	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\	SUCCESS		
607	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\	SUCCESS		
608	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
609	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
610	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\explorer.exe	SUCCESS	FileNameInformation	
611	16:07:07	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
612	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\	SUCCESS	Attributes: Any Options: Open Directory 	
613	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\	SUCCESS	FileBothDirectoryInformation: WINDOWS	
614	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\	SUCCESS		
615	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\	SUCCESS		
616	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\	SUCCESS	Attributes: Any Options: Open Directory 	
617	16:07:07	rundll32.exe:4220	IRP_MJ_DIRECTORY_CONTROL	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: explorer.exe	
618	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\	SUCCESS		
619	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\	SUCCESS		
620	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
621	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\explorer.exe	SUCCESS	Size: 1033216	
622	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\explorer.exe.Manifest	FILE NOT FOUND	Attributes: Any Options: Open 	
623	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\explorer.exe	SUCCESS		
624	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\explorer.exe	SUCCESS		
625	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 303	
626	16:07:07	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	FAILURE	Offset: 303 Length: 18	
627	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 303 Length: 18	
628	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\winview.ocx	SUCCESS	Attributes: N Options: Open 	
629	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\system32\winview.ocx	SUCCESS	Size: 321	
630	16:07:07	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Size: 321	
631	16:07:07	rundll32.exe:4220	FASTIO_READ	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Offset: 0 Length: 321	
632	16:07:07	rundll32.exe:4220	IRP_MJ_WRITE 	C:\WINDOWS\system32\winview.ocx	SUCCESS	Offset: 321 Length: 321	
633	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\winview.ocx	SUCCESS		
634	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS		
635	16:07:07	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	Attributes: Any Options: Open 	
636	16:07:07	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	FileObjectIdInformation	
637	16:07:07	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS	FileDispositionInformation	
638	16:07:07	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS		
639	16:07:07	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\77696E766965772E6F6378FA.tmp	SUCCESS		
640	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local	SUCCESS		
641	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\__1.dat	SUCCESS	Attributes: N Options: OverwriteIf 	
642	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\__1.dat	SUCCESS		
643	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\__1.dat	SUCCESS		
644	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\__1.dat	SUCCESS	Attributes: Any Options: Open 	
645	16:07:12	rundll32.exe:4220	IRP_MJ_QUERY_INFORMATION	C:\WINDOWS\system32\__1.dat	SUCCESS	FileObjectIdInformation	
646	16:07:12	rundll32.exe:4220	IRP_MJ_SET_INFORMATION 	C:\WINDOWS\system32\__1.dat	SUCCESS	FileDispositionInformation	
647	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\__1.dat	SUCCESS		
648	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\__1.dat	SUCCESS		
649	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\win.com	SUCCESS	Attributes: N Options: Open 	
650	16:07:12	rundll32.exe:4220	FASTIO_QUERY_BASIC_INFO	C:\WINDOWS\system32\win.com	SUCCESS	Attributes: A	
651	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\win.com	SUCCESS		
652	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\win.com	SUCCESS		
653	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\dswiz.dat	FILE NOT FOUND	Attributes: N Options: Open 	
654	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\	NAME COLLISION	Attributes: N Options: Create Directory 	
655	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Attributes: N Options: OpenIf 	
656	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3839	
657	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3839	
658	16:07:12	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3839 Length: 31	
659	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\tapi32d.exe	SUCCESS		
660	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\tapi32d.exe	SUCCESS		
661	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\tapi32d.exe	FILE NOT FOUND	Attributes: N Options: Open 	
662	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3870	
663	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3870 Length: 56	
664	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\tapi32d.exe	SUCCESS		
665	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\system32\tapi32d.exe	SUCCESS		
666	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\typecli.exe	FILE NOT FOUND	Attributes: N Options: Open 	
667	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3926	
668	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3926 Length: 18	
669	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\windows\system32\mswmpdat.tlb	SUCCESS	Attributes: N Options: Open 	
670	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\windows\system32\mswmpdat.tlb	SUCCESS	Size: 6162	
671	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3944	
672	16:07:12	rundll32.exe:4220	FASTIO_READ	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 0 Length: 3944	
673	16:07:12	rundll32.exe:4220	IRP_MJ_WRITE 	C:\windows\system32\mswmpdat.tlb	SUCCESS	Offset: 6162 Length: 3944	
674	16:07:12	rundll32.exe:4220	IRP_MJ_READ*	C:\windows\system32\mswmpdat.tlb	SUCCESS	Offset: 4096 Length: 8192	
675	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\explorer.exe.Local	SUCCESS		
676	16:07:12	rundll32.exe:4220	FASTIO_QUERY_OPEN	C:\WINDOWS\explorer.exe.Local	SUCCESS		
677	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\WINDOWS\system32\iphlpapi.dll	SUCCESS	Attributes: Any Options: Open 	
678	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\system32\iphlpapi.dll	SUCCESS		
679	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\system32\iphlpapi.dll	SUCCESS		
680	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\windows\system32\mswmpdat.tlb	SUCCESS		
681	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS		
682	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS		
683	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SHARING VIOLATION	Attributes: Any Options: Open 	
684	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\	NAME COLLISION	Attributes: N Options: Create Directory 	
685	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Attributes: N Options: OpenIf 	
686	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3944	
687	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3944	
688	16:07:12	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3944 Length: 31	
689	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3975	
690	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3975 Length: 23	
691	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 3998	
692	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	FAILURE	Offset: 3998 Length: 421	
693	16:07:12	rundll32.exe:4220	IRP_MJ_WRITE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 3998 Length: 421	
694	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4419	
695	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4419 Length: 27	
696	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4446	
697	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4446 Length: 22	
698	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4468	
699	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4468 Length: 28	
700	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4496	
701	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4496 Length: 22	
702	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4518	
703	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4518 Length: 22	
704	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4540	
705	16:07:12	rundll32.exe:4220	FASTIO_WRITE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 4540 Length: 18	
706	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\windows\system32\mswmpdat.tlb	SUCCESS	Attributes: N Options: Open 	
707	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\windows\system32\mswmpdat.tlb	SUCCESS	Size: 10106	
708	16:07:12	rundll32.exe:4220	FASTIO_QUERY_STANDARD_INFO	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Size: 4558	
709	16:07:12	rundll32.exe:4220	FASTIO_READ	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS	Offset: 0 Length: 4558	
710	16:07:12	rundll32.exe:4220	IRP_MJ_WRITE 	C:\windows\system32\mswmpdat.tlb	SUCCESS	Offset: 10106 Length: 4558	
711	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\windows\system32\mswmpdat.tlb	SUCCESS		
712	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\windows\system32\mswmpdat.tlb	SUCCESS		
713	16:07:12	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS		
714	16:07:12	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SUCCESS		
715	16:07:12	rundll32.exe:4220	IRP_MJ_CREATE	C:\DOCUME~1\unknown\LOCALS~1\Temp\6D73776D706461742E746C62FA.tmp	SHARING VIOLATION	Attributes: Any Options: Open 	
716	16:07:17	svchost.exe:1176	IRP_MJ_CREATE	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Attributes: Any Options: Open 	
717	16:07:17	svchost.exe:1176	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Size: 15530	
718	16:07:17	svchost.exe:1176	FASTIO_QUERY_STANDARD_INFO	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Size: 15530	
719	16:07:17	svchost.exe:1176	IRP_MJ_CLEANUP	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
720	16:07:17	svchost.exe:1176	IRP_MJ_CLOSE 	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
721	16:07:17	svchost.exe:1176	IRP_MJ_CREATE	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Attributes: Any Options: OverwriteIf 	
722	16:07:17	System:4	IRP_MJ_CLOSE 	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
723	16:07:17	svchost.exe:1176	IRP_MJ_WRITE 	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Offset: 0 Length: 15530	
724	16:07:17	svchost.exe:1176	IRP_MJ_CLEANUP	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
725	16:07:17	svchost.exe:1176	IRP_MJ_CLOSE 	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS		
726	16:07:17	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
727	16:07:17	rundll32.exe:4220	FASTIO_QUERY_OPEN	E:\Dev-C++\Bin\rundll32.exe.Local\	SUCCESS		
728	16:07:17	rundll32.exe:4220	IRP_MJ_CLEANUP	E:\Dev-C++\Bin	SUCCESS		
729	16:07:17	rundll32.exe:4220	IRP_MJ_CLOSE 	E:\Dev-C++\Bin	SUCCESS		
730	16:07:17	rundll32.exe:4220	IRP_MJ_CLEANUP	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03	SUCCESS		
731	16:07:17	rundll32.exe:4220	IRP_MJ_CLOSE 	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03	SUCCESS		
732	16:07:17	System:4	IRP_MJ_CLOSE 	E:\Dev-C++\Bin\rundll32.exe	SUCCESS		
733	16:07:18	System:4	IRP_MJ_WRITE*	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	Offset: 0 Length: 16384	
734	16:07:18	System:4	IRP_MJ_SET_INFORMATION*	C:\WINDOWS\Prefetch\RUNDLL32.EXE-3D13FD1B.pf	SUCCESS	FileEndOfFileInformation