Time of Day;;Process Name;PID;Operation;Path;Result;Detail
16:32:36;1968501;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\CTF\KnownClasses;NAME NOT FOUND;Desired Access: Read
16:32:36;1971872;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\CTF\KnownClasses;NAME NOT FOUND;Desired Access: Read
16:32:36;1975712;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\CTF\KnownClasses;NAME NOT FOUND;Desired Access: Read
16:32:36;3329968;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\CTF\KnownClasses;NAME NOT FOUND;Desired Access: Read
16:32:36;3354214;MySQLWorkbench.exe;3404;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;FAST IO DISALLOWED;
16:32:36;3355124;MySQLWorkbench.exe;3404;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3356351;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;AllocationSize: 2.351.104, EndOfFile: 2.347.648, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3356587;MySQLWorkbench.exe;3404;QueryNetworkOpenInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;CreationTime: 03-11-2009 21:08:02, LastAccessTime: 22-02-2010 11:56:27, LastWriteTime: 03-11-2009 21:08:02, ChangeTime: 22-02-2010 11:56:27, AllocationSize: 01-01-1601 01:00:00, EndOfFile: 01-01-1601 01:00:00, FileAttributes: A
16:32:36;3356685;MySQLWorkbench.exe;3404;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;
16:32:36;3359185;MySQLWorkbench.exe;3404;QueryOpen;C:\Users\erwin\AppData\Roaming;FAST IO DISALLOWED;
16:32:36;3360003;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Roaming;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3360280;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Users\erwin\AppData\Roaming;SUCCESS;CreationTime: 25-01-2010 09:21:18, LastAccessTime: 11-02-2010 20:31:08, LastWriteTime: 11-02-2010 20:31:08, ChangeTime: 11-02-2010 20:31:08, FileAttributes: DNCI
16:32:36;3360369;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Roaming;SUCCESS;
16:32:36;3362817;MySQLWorkbench.exe;3404;QueryOpen;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;FAST IO DISALLOWED;
16:32:36;3364582;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3366302;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;AllocationSize: 304, EndOfFile: 298, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3366511;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;CreationTime: 22-02-2010 12:01:16, LastAccessTime: 22-02-2010 12:01:16, LastWriteTime: 22-02-2010 12:01:16, ChangeTime: 22-02-2010 12:01:16, FileAttributes: ANCI
16:32:36;3366602;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;
16:32:36;3368940;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;3369895;MySQLWorkbench.exe;3404;ReadFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;Offset: 0, Length: 298
16:32:36;3370117;MySQLWorkbench.exe;3404;ReadFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;END OF FILE;Offset: 298, Length: 4.096
16:32:36;3370311;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Roaming\MySQL\Workbench\workbench_user_data.dat;SUCCESS;
16:32:36;3386535;MySQLWorkbench.exe;3404;Thread Create;;SUCCESS;Thread ID: 4688
16:32:36;3398539;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Desired Access: Generic Read/Write, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created
16:32:36;3401169;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3404798;MySQLWorkbench.exe;3404;QueryInformationVolume;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;VolumeCreationTime: 25-01-2010 09:02:12, VolumeSerialNumber: 00B8-32B0, SupportsObjects: True, VolumeLabel: OS
16:32:36;3404947;MySQLWorkbench.exe;3404;QueryAllInformationFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;BUFFER OVERFLOW;CreationTime: 22-02-2010 16:32:36, LastAccessTime: 22-02-2010 16:32:36, LastWriteTime: 22-02-2010 16:32:36, ChangeTime: 22-02-2010 16:32:36, FileAttributes: ANCI, AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0xe00000000db28, EaSize: 0, Access: Generic Read/Write, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word
16:32:36;3406732;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Overwritten
16:32:36;3407690;MySQLWorkbench.exe;3404;QueryInformationVolume;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;VolumeCreationTime: 25-01-2010 09:02:12, VolumeSerialNumber: 00B8-32B0, SupportsObjects: True, VolumeLabel: OS
16:32:36;3407821;MySQLWorkbench.exe;3404;QueryAllInformationFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;BUFFER OVERFLOW;CreationTime: 22-02-2010 16:32:36, LastAccessTime: 22-02-2010 16:32:36, LastWriteTime: 22-02-2010 16:32:36, ChangeTime: 22-02-2010 16:32:36, FileAttributes: ANCI, AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0xe00000000db28, EaSize: 0, Access: Generic Write, Read Attributes, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word
16:32:36;3408025;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;
16:32:36;3408498;MySQLWorkbench.exe;3404;WriteFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Offset: 0, Length: 27, Priority: Normal
16:32:36;3409155;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;
16:32:36;3415798;MySQLWorkbench.exe;3404;QueryOpen;C:\Windows\System32\cmd.exe;FAST IO DISALLOWED;
16:32:36;3416916;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3418442;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;3418570;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;3419882;MySQLWorkbench.exe;3404;QueryOpen;C:\Windows\System32\cmd.exe;FAST IO DISALLOWED;
16:32:36;3421086;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3422359;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;3422455;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;3424916;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3427489;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe;NAME NOT FOUND;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;3427861;MySQLWorkbench.exe;3404;QuerySecurityFile;C:\Windows\System32\cmd.exe;SUCCESS;Information: 0x10
16:32:36;3429082;MySQLWorkbench.exe;3404;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;3430274;MySQLWorkbench.exe;3404;Process Create;C:\Windows\system32\cmd.exe;SUCCESS;"PID: 6104, Command line: C:\Windows\system32\cmd.exe /c mysql.exe --defaults-extra-file=c:\users\erwin\appdata\local\temp\tmpystmgt   --host=127.0.0.1 --user=root --port=3306 --comments < ""D:\\Dump20100219\\drupal_dss_access.sql"""
16:32:36;3430300;cmd.exe;6104;Process Start;;SUCCESS;Parent PID: 3404
16:32:36;3430329;cmd.exe;6104;Thread Create;;SUCCESS;Thread ID: 4540
16:32:36;3430705;MySQLWorkbench.exe;3404;QuerySecurityFile;C:\Windows\System32\cmd.exe;SUCCESS;Information: Owner, Group, DACL, SACL, 0x10
16:32:36;3430904;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;3431397;MySQLWorkbench.exe;3404;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;Desired Access: Query Value
16:32:36;3431717;MySQLWorkbench.exe;3404;RegQueryValue;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\system32\cmd.exe;NAME NOT FOUND;Length: 16
16:32:36;3431883;MySQLWorkbench.exe;3404;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;
16:32:36;3432057;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\cmd.exe;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3432246;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide;SUCCESS;Desired Access: Read
16:32:36;3432458;MySQLWorkbench.exe;3404;RegQueryValue;HKLM\COMPONENTS\PreferExternalManifest;NAME NOT FOUND;Length: 20
16:32:36;3432571;MySQLWorkbench.exe;3404;RegCloseKey;HKLM\COMPONENTS;SUCCESS;
16:32:36;3437842;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
16:32:36;3439354;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3439544;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3439919;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3440532;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;
16:32:36;3440788;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;3442633;cmd.exe;6104;Load Image;C:\Windows\System32\cmd.exe;SUCCESS;Image Base: 0x4ab10000, Image Size: 0x50000
16:32:36;3444264;cmd.exe;6104;Load Image;C:\Windows\System32\ntdll.dll;SUCCESS;Image Base: 0x777c0000, Image Size: 0x127000
16:32:36;3446621;cmd.exe;6104;CreateFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
16:32:36;3446924;cmd.exe;6104;QueryStandardInformationFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;AllocationSize: 8.192, EndOfFile: 6.410, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3447120;cmd.exe;6104;ReadFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;Offset: 0, Length: 6.410, Priority: Normal
16:32:36;3447460;cmd.exe;6104;CloseFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;
16:32:36;3450052;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;3451999;cmd.exe;6104;Load Image;C:\Windows\System32\kernel32.dll;SUCCESS;Image Base: 0x77180000, Image Size: 0xdc000
16:32:36;3501843;cmd.exe;6104;Load Image;C:\Windows\System32\advapi32.dll;SUCCESS;Image Base: 0x776f0000, Image Size: 0xc6000
16:32:36;3504680;cmd.exe;6104;Load Image;C:\Windows\System32\rpcrt4.dll;SUCCESS;Image Base: 0x77020000, Image Size: 0xc3000
16:32:36;3510395;cmd.exe;6104;Load Image;C:\Windows\System32\msvcrt.dll;SUCCESS;Image Base: 0x761f0000, Image Size: 0xaa000
16:32:36;3512083;cmd.exe;6104;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;Desired Access: Read
16:32:36;3512402;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LeakTrack;NAME NOT FOUND;Length: 144
16:32:36;3512551;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;
16:32:36;3512836;cmd.exe;6104;RegOpenKey;HKLM\System\Setup;SUCCESS;Desired Access: Read
16:32:36;3513020;cmd.exe;6104;RegQueryValue;HKLM\SYSTEM\Setup\SystemSetupInProgress;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3513149;cmd.exe;6104;RegCloseKey;HKLM\SYSTEM\Setup;SUCCESS;
16:32:36;3513272;cmd.exe;6104;RegOpenKey;HKLM;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;3513483;cmd.exe;6104;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics;NAME NOT FOUND;Desired Access: Read
16:32:36;3515013;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;3516162;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3516419;cmd.exe;6104;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3516634;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;3516786;cmd.exe;6104;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3516963;cmd.exe;6104;RegOpenKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;Desired Access: Read
16:32:36;3517198;cmd.exe;6104;RegEnumValue;HKCU\Control Panel\Desktop\LanguageConfiguration;NO MORE ENTRIES;Index: 0, Length: 512
16:32:36;3517334;cmd.exe;6104;RegCloseKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;
16:32:36;3517445;cmd.exe;6104;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3517541;cmd.exe;6104;RegCloseKey;HKCU;SUCCESS;
16:32:36;3517653;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3517850;cmd.exe;6104;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3518075;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;3518211;cmd.exe;6104;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3518355;cmd.exe;6104;RegCloseKey;HKCU;SUCCESS;
16:32:36;3518475;cmd.exe;6104;RegQueryValue;HKCU\Control Panel\Desktop\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3518637;cmd.exe;6104;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3518748;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3518937;cmd.exe;6104;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3519108;cmd.exe;6104;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3519296;cmd.exe;6104;RegCloseKey;HKCU;SUCCESS;
16:32:36;3519423;cmd.exe;6104;RegQueryValue;HKCU\Control Panel\Desktop\CachedMachinePreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3519551;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;REPARSE;Desired Access: Read
16:32:36;3519715;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;Desired Access: Read
16:32:36;3519902;cmd.exe;6104;RegQueryValue;HKLM\System\CurrentControlSet\Control\MUI\Settings\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3520028;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;
16:32:36;3520143;cmd.exe;6104;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3538562;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3538827;cmd.exe;6104;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3539094;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;3539244;cmd.exe;6104;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3539406;cmd.exe;6104;RegCloseKey;HKCU;SUCCESS;
16:32:36;3539536;cmd.exe;6104;RegQueryValue;HKCU\Control Panel\Desktop\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3539688;cmd.exe;6104;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3540142;cmd.exe;6104;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3540336;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\System;NAME NOT FOUND;Desired Access: Read
16:32:36;3542414;cmd.exe;6104;RegOpenKey;HKLM\Software\Microsoft\Command Processor;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;3542643;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DisableUNCCheck;NAME NOT FOUND;Length: 144
16:32:36;3542777;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\EnableExtensions;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;3542902;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DelayedExpansion;NAME NOT FOUND;Length: 144
16:32:36;3543011;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DefaultColor;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3543129;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\CompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 64
16:32:36;3543245;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\PathCompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 64
16:32:36;3543361;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\AutoRun;NAME NOT FOUND;Length: 144
16:32:36;3543575;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Microsoft\Command Processor;SUCCESS;
16:32:36;3543699;cmd.exe;6104;RegOpenKey;HKCU\Software\Microsoft\Command Processor;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3543912;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DisableUNCCheck;NAME NOT FOUND;Length: 144
16:32:36;3544054;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\EnableExtensions;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;3544178;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DelayedExpansion;NAME NOT FOUND;Length: 144
16:32:36;3544293;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DefaultColor;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3544413;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\CompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 9
16:32:36;3544534;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\PathCompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 9
16:32:36;3544658;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Command Processor\AutoRun;NAME NOT FOUND;Length: 144
16:32:36;3544779;cmd.exe;6104;RegCloseKey;HKCU\Software\Microsoft\Command Processor;SUCCESS;
16:32:36;3546645;cmd.exe;6104;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;3547644;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3549437;cmd.exe;6104;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;3549546;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;3549992;cmd.exe;6104;CreateFile;C:\;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3550357;cmd.exe;6104;QueryDirectory;C:\Program Files;SUCCESS;Filter: Program Files, 1: Program Files
16:32:36;3550646;cmd.exe;6104;CloseFile;C:\;SUCCESS;
16:32:36;3551945;cmd.exe;6104;CreateFile;C:\Program Files;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3552296;cmd.exe;6104;QueryDirectory;C:\Program Files\MySQL;SUCCESS;Filter: MySQL, 1: MySQL
16:32:36;3552553;cmd.exe;6104;CloseFile;C:\Program Files;SUCCESS;
16:32:36;3553800;cmd.exe;6104;CreateFile;C:\Program Files\MySQL;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3554128;cmd.exe;6104;QueryDirectory;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Filter: MySQL Workbench 5.2 OSS, 1: MySQL Workbench 5.2 OSS
16:32:36;3554352;cmd.exe;6104;CloseFile;C:\Program Files\MySQL;SUCCESS;
16:32:36;3555729;cmd.exe;6104;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;3556672;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3556963;cmd.exe;6104;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;3557097;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;3563409;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;REPARSE;Desired Access: Read
16:32:36;3563644;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;Desired Access: Read
16:32:36;3563867;cmd.exe;6104;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\nl-NL;NAME NOT FOUND;Length: 532
16:32:36;3563990;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;
16:32:36;3564115;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;REPARSE;Desired Access: Read
16:32:36;3564315;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;NAME NOT FOUND;Desired Access: Read
16:32:36;3564856;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;REPARSE;Desired Access: Read
16:32:36;3565010;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;SUCCESS;Desired Access: Read
16:32:36;3565186;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;REPARSE;Desired Access: Read
16:32:36;3565332;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;SUCCESS;Desired Access: Read
16:32:36;3565499;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;REPARSE;Desired Access: Read
16:32:36;3565646;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;SUCCESS;Desired Access: Read
16:32:36;3565826;cmd.exe;6104;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\Locale\00000413;SUCCESS;Type: REG_SZ, Length: 4, Data: 1
16:32:36;3565967;cmd.exe;6104;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\Language Groups\1;SUCCESS;Type: REG_SZ, Length: 4, Data: 1
16:32:36;3569392;cmd.exe;6104;CreateFile;D:\Dump20100219\drupal_dss_access.sql;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;3572628;cmd.exe;6104;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;FAST IO DISALLOWED;
16:32:36;3573676;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3574012;cmd.exe;6104;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;CreationTime: 03-11-2009 21:08:02, LastAccessTime: 22-02-2010 11:56:27, LastWriteTime: 03-11-2009 21:08:02, ChangeTime: 22-02-2010 11:56:27, FileAttributes: A
16:32:36;3574112;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;
16:32:36;3576598;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3576963;cmd.exe;6104;QueryDirectory;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Filter: mysql.exe, 1: mysql.exe
16:32:36;3577217;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;3578795;cmd.exe;6104;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;3579686;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3579957;cmd.exe;6104;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;3580081;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;3580493;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;REPARSE;Desired Access: Query Value
16:32:36;3580675;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;Desired Access: Query Value
16:32:36;3580865;cmd.exe;6104;RegQueryValue;HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode;NAME NOT FOUND;Length: 16
16:32:36;3582207;cmd.exe;6104;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3583770;cmd.exe;6104;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mysql.exe;NAME NOT FOUND;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;3584093;cmd.exe;6104;QuerySecurityFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Information: 0x10
16:32:36;3585288;cmd.exe;6104;QueryNameInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Name: \Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe
16:32:36;3586632;cmd.exe;6104;Process Create;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;PID: 2900, Command line: mysql.exe  --defaults-extra-file=c:\users\erwin\appdata\local\temp\tmpystmgt   --host=127.0.0.1 --user=root --port=3306 --comments 
16:32:36;3586658;mysql.exe;2900;Process Start;;SUCCESS;Parent PID: 6104
16:32:36;3586687;mysql.exe;2900;Thread Create;;SUCCESS;Thread ID: 5212
16:32:36;3586935;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls;REPARSE;Desired Access: Query Value
16:32:36;3587169;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3587414;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value, Set Value
16:32:36;3587558;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value, Set Value
16:32:36;3587708;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;SUCCESS;Desired Access: Query Value
16:32:36;3587949;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled;NAME NOT FOUND;Length: 80
16:32:36;3588083;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\AuthenticodeEnabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3588220;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers;SUCCESS;
16:32:36;3588451;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3588639;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value
16:32:36;3588778;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3588910;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility;REPARSE;Desired Access: Query Value
16:32:36;3589047;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3589185;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\AppCompat;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3589414;cmd.exe;6104;QuerySecurityFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Information: Owner, Group, DACL, SACL, 0x10
16:32:36;3589576;cmd.exe;6104;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;CreationTime: 03-11-2009 21:08:02, LastAccessTime: 22-02-2010 11:56:27, LastWriteTime: 03-11-2009 21:08:02, ChangeTime: 22-02-2010 11:56:27, FileAttributes: A
16:32:36;3589829;cmd.exe;6104;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion;SUCCESS;Desired Access: Enumerate Sub Keys
16:32:36;3590057;cmd.exe;6104;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;Desired Access: Query Value
16:32:36;3590490;cmd.exe;6104;RegQueryValue;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;NAME NOT FOUND;Length: 16
16:32:36;3590649;cmd.exe;6104;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;
16:32:36;3590784;cmd.exe;6104;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags;SUCCESS;Desired Access: Enumerate Sub Keys
16:32:36;3590997;cmd.exe;6104;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\mysql.exe;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3591153;cmd.exe;6104;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options;SUCCESS;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;3591342;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableLocalOverride;NAME NOT FOUND;Length: 1.024
16:32:36;3591510;cmd.exe;6104;RegOpenKey;HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide;SUCCESS;Desired Access: Read
16:32:36;3591701;cmd.exe;6104;RegQueryValue;HKLM\COMPONENTS\PreferExternalManifest;NAME NOT FOUND;Length: 20
16:32:36;3591818;cmd.exe;6104;RegCloseKey;HKLM\COMPONENTS;SUCCESS;
16:32:36;3596407;cmd.exe;6104;QueryOpen;C:\Windows\System32\apphelp.dll;FAST IO DISALLOWED;
16:32:36;3597462;cmd.exe;6104;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3598676;cmd.exe;6104;QueryBasicInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;CreationTime: 25-01-2010 10:11:43, LastAccessTime: 25-01-2010 10:11:43, LastWriteTime: 10-04-2009 23:28:18, ChangeTime: 25-01-2010 10:24:17, FileAttributes: A
16:32:36;3598776;cmd.exe;6104;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;3600134;cmd.exe;6104;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3605267;cmd.exe;6104;Load Image;C:\Windows\System32\apphelp.dll;SUCCESS;Image Base: 0x75ca0000, Image Size: 0x2c000
16:32:36;3605864;cmd.exe;6104;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;3607326;cmd.exe;6104;QueryOpen;C:\Windows\System32\apphelp.dll;FAST IO DISALLOWED;
16:32:36;3608334;cmd.exe;6104;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3609481;cmd.exe;6104;QueryBasicInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;CreationTime: 25-01-2010 10:11:43, LastAccessTime: 25-01-2010 10:11:43, LastWriteTime: 10-04-2009 23:28:18, ChangeTime: 25-01-2010 10:24:17, FileAttributes: A
16:32:36;3609579;cmd.exe;6104;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;3611021;cmd.exe;6104;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3613161;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value, Set Value
16:32:36;3613411;cmd.exe;6104;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value, Set Value
16:32:36;3619709;cmd.exe;6104;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;SUCCESS;Desired Access: Query Value
16:32:36;3619970;cmd.exe;6104;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled;NAME NOT FOUND;Length: 80
16:32:36;3620105;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers;SUCCESS;
16:32:36;3620342;cmd.exe;6104;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3620535;cmd.exe;6104;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;3622201;cmd.exe;6104;Load Image;C:\Windows\System32\apphelp.dll;SUCCESS;Image Base: 0x75ca0000, Image Size: 0x2c000
16:32:36;3627489;cmd.exe;6104;CreateFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
16:32:36;3629428;cmd.exe;6104;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3629817;cmd.exe;6104;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3630252;cmd.exe;6104;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3630759;cmd.exe;6104;CloseFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;
16:32:36;3631177;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;
16:32:36;3633634;mysql.exe;2900;Load Image;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Image Base: 0x400000, Image Size: 0x241000
16:32:36;3634866;mysql.exe;2900;Load Image;C:\Windows\System32\ntdll.dll;SUCCESS;Image Base: 0x777c0000, Image Size: 0x127000
16:32:36;3637106;mysql.exe;2900;CreateFile;C:\Windows\Prefetch\MYSQL.EXE-EB49D3EA.pf;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
16:32:36;3638651;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\Prefetch\MYSQL.EXE-EB49D3EA.pf;SUCCESS;AllocationSize: 20.480, EndOfFile: 17.152, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3638839;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\Prefetch\MYSQL.EXE-EB49D3EA.pf;SUCCESS;AllocationSize: 20.480, EndOfFile: 17.152, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3639028;mysql.exe;2900;ReadFile;C:\Windows\Prefetch\MYSQL.EXE-EB49D3EA.pf;SUCCESS;Offset: 0, Length: 17.152, Priority: Normal
16:32:36;3639858;mysql.exe;2900;CloseFile;C:\Windows\Prefetch\MYSQL.EXE-EB49D3EA.pf;SUCCESS;
16:32:36;3640462;mysql.exe;2900;CreateFile;C:;SUCCESS;Desired Access: Read Attributes, Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Complete If Oplocked, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3642901;mysql.exe;2900;QueryInformationVolume;C:;SUCCESS;VolumeCreationTime: 25-01-2010 09:02:12, VolumeSerialNumber: 00B8-32B0, SupportsObjects: True, VolumeLabel: OS
16:32:36;3643308;mysql.exe;2900;CreateFile;D:;SUCCESS;Desired Access: Read Attributes, Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Complete If Oplocked, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3643607;mysql.exe;2900;QueryInformationVolume;D:;BUFFER OVERFLOW;VolumeCreationTime: 05-12-2007 06:36:21, VolumeSerialNumber: BAC5-E146, SupportsObjects: True, VolumeLabel: DAT‘
16:32:36;3643747;mysql.exe;2900;FileSystemControl;C:;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3645208;mysql.exe;2900;CreateFile;C:\Program Files;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3645520;mysql.exe;2900;SetBasicInformationFile;C:\Program Files;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3645679;mysql.exe;2900;QueryFileInternalInformationFile;C:\Program Files;SUCCESS;IndexNumber: 0x100000000003d
16:32:36;3645830;mysql.exe;2900;FileSystemControl;C:\Program Files;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3646300;mysql.exe;2900;CloseFile;C:\Program Files;SUCCESS;
16:32:36;3648350;mysql.exe;2900;CreateFile;C:\Program Files\MySQL;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3648697;mysql.exe;2900;SetBasicInformationFile;C:\Program Files\MySQL;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3648838;mysql.exe;2900;QueryFileInternalInformationFile;C:\Program Files\MySQL;SUCCESS;IndexNumber: 0x1e00000000f102
16:32:36;3648984;mysql.exe;2900;FileSystemControl;C:\Program Files\MySQL;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3649162;mysql.exe;2900;CloseFile;C:\Program Files\MySQL;SUCCESS;
16:32:36;3650475;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3650790;mysql.exe;2900;SetBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3650925;mysql.exe;2900;QueryFileInternalInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;IndexNumber: 0x2b00000000f114
16:32:36;3651066;mysql.exe;2900;FileSystemControl;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3651464;mysql.exe;2900;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;3653745;mysql.exe;2900;CreateFile;C:\Users;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3654095;mysql.exe;2900;SetBasicInformationFile;C:\Users;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3654295;mysql.exe;2900;QueryFileInternalInformationFile;C:\Users;SUCCESS;IndexNumber: 0x1000000000139
16:32:36;3654452;mysql.exe;2900;FileSystemControl;C:\Users;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3654862;mysql.exe;2900;CloseFile;C:\Users;SUCCESS;
16:32:36;3656188;mysql.exe;2900;CreateFile;C:\Users\erwin;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3656485;mysql.exe;2900;SetBasicInformationFile;C:\Users\erwin;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3656622;mysql.exe;2900;QueryFileInternalInformationFile;C:\Users\erwin;SUCCESS;IndexNumber: 0x2000000000178
16:32:36;3656767;mysql.exe;2900;FileSystemControl;C:\Users\erwin;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3657129;mysql.exe;2900;CloseFile;C:\Users\erwin;SUCCESS;
16:32:36;3658384;mysql.exe;2900;CreateFile;C:\Users\erwin\AppData;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3658790;mysql.exe;2900;SetBasicInformationFile;C:\Users\erwin\AppData;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3658927;mysql.exe;2900;QueryFileInternalInformationFile;C:\Users\erwin\AppData;SUCCESS;IndexNumber: 0x2000000000183
16:32:36;3659118;mysql.exe;2900;FileSystemControl;C:\Users\erwin\AppData;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3659285;mysql.exe;2900;CloseFile;C:\Users\erwin\AppData;SUCCESS;
16:32:36;3660517;mysql.exe;2900;CreateFile;C:\Users\erwin\AppData\Local;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3660825;mysql.exe;2900;SetBasicInformationFile;C:\Users\erwin\AppData\Local;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3660961;mysql.exe;2900;QueryFileInternalInformationFile;C:\Users\erwin\AppData\Local;SUCCESS;IndexNumber: 0x2000000000195
16:32:36;3661102;mysql.exe;2900;FileSystemControl;C:\Users\erwin\AppData\Local;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3661457;mysql.exe;2900;CloseFile;C:\Users\erwin\AppData\Local;SUCCESS;
16:32:36;3662713;mysql.exe;2900;CreateFile;C:\Users\erwin\AppData\Local\Temp;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3663007;mysql.exe;2900;SetBasicInformationFile;C:\Users\erwin\AppData\Local\Temp;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3663195;mysql.exe;2900;QueryFileInternalInformationFile;C:\Users\erwin\AppData\Local\Temp;SUCCESS;IndexNumber: 0x2000000000196
16:32:36;3663344;mysql.exe;2900;FileSystemControl;C:\Users\erwin\AppData\Local\Temp;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3663698;mysql.exe;2900;CloseFile;C:\Users\erwin\AppData\Local\Temp;SUCCESS;
16:32:36;3664993;mysql.exe;2900;CreateFile;C:\Windows;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3665285;mysql.exe;2900;SetBasicInformationFile;C:\Windows;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3665423;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows;SUCCESS;IndexNumber: 0x10000000001c7
16:32:36;3665623;mysql.exe;2900;FileSystemControl;C:\Windows;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3665977;mysql.exe;2900;CloseFile;C:\Windows;SUCCESS;
16:32:36;3667266;mysql.exe;2900;CreateFile;C:\Windows\System32;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3667546;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3667685;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32;SUCCESS;IndexNumber: 0x100000000055c
16:32:36;3667883;mysql.exe;2900;FileSystemControl;C:\Windows\System32;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3668587;mysql.exe;2900;CloseFile;C:\Windows\System32;SUCCESS;
16:32:36;3670152;mysql.exe;2900;CreateFile;C:\Windows\System32\drivers;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3670459;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\drivers;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3670602;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\drivers;SUCCESS;IndexNumber: 0x1000000000586
16:32:36;3670745;mysql.exe;2900;FileSystemControl;C:\Windows\System32\drivers;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3671135;mysql.exe;2900;CloseFile;C:\Windows\System32\drivers;SUCCESS;
16:32:36;3672429;mysql.exe;2900;CreateFile;C:\Windows\System32\drivers\etc;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3673486;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\drivers\etc;SUCCESS;AllocationSize: 0, EndOfFile: 0, NumberOfLinks: 1, DeletePending: False, Directory: True
16:32:36;3673719;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\drivers\etc;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3673856;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\drivers\etc;SUCCESS;IndexNumber: 0x1000000000587
16:32:36;3673995;mysql.exe;2900;FileSystemControl;C:\Windows\System32\drivers\etc;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3674160;mysql.exe;2900;CloseFile;C:\Windows\System32\drivers\etc;SUCCESS;
16:32:36;3675766;mysql.exe;2900;CreateFile;C:\Windows\System32\nl-NL;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3676058;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\nl-NL;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3676253;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\nl-NL;SUCCESS;IndexNumber: 0x10000000007dc
16:32:36;3676449;mysql.exe;2900;FileSystemControl;C:\Windows\System32\nl-NL;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3676927;mysql.exe;2900;CloseFile;C:\Windows\System32\nl-NL;SUCCESS;
16:32:36;3677295;mysql.exe;2900;FileSystemControl;D:;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3678062;mysql.exe;2900;CreateFile;D:\users;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3678345;mysql.exe;2900;SetBasicInformationFile;D:\users;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3678466;mysql.exe;2900;QueryFileInternalInformationFile;D:\users;SUCCESS;IndexNumber: 0x5300000000002a
16:32:36;3678594;mysql.exe;2900;FileSystemControl;D:\users;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3678749;mysql.exe;2900;CloseFile;D:\users;SUCCESS;
16:32:36;3679557;mysql.exe;2900;CreateFile;D:\users\Erwin;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3679848;mysql.exe;2900;SetBasicInformationFile;D:\users\Erwin;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3679966;mysql.exe;2900;QueryFileInternalInformationFile;D:\users\Erwin;SUCCESS;IndexNumber: 0x800000000002b
16:32:36;3680090;mysql.exe;2900;FileSystemControl;D:\users\Erwin;SUCCESS;Control: FSCTL_FILE_PREFETCH
16:32:36;3680239;mysql.exe;2900;CloseFile;D:\users\Erwin;SUCCESS;
16:32:36;3681085;mysql.exe;2900;CreateFile;D:\users\Erwin\Documents;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3681362;mysql.exe;2900;SetBasicInformationFile;D:\users\Erwin\Documents;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3681485;mysql.exe;2900;QueryFileInternalInformationFile;D:\users\Erwin\Documents;SUCCESS;IndexNumber: 0x800000000002c
16:32:36;3681616;mysql.exe;2900;FileSystemControl;D:\users\Erwin\Documents;END OF FILE;Control: FSCTL_FILE_PREFETCH
16:32:36;3681996;mysql.exe;2900;CloseFile;D:\users\Erwin\Documents;SUCCESS;
16:32:36;3682833;mysql.exe;2900;CreateFile;D:\users\Erwin\Documents\DUMP20100219;NAME NOT FOUND;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Complete If Oplocked, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3684079;mysql.exe;2900;CreateFile;C:\Windows\System32\ntdll.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3685546;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3685886;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\ntdll.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3686023;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;IndexNumber: 0x200000000d18f
16:32:36;3686236;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;AllocationSize: 1.204.224, EndOfFile: 1.202.168, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3687680;mysql.exe;2900;CreateFile;C:\Windows\System32\kernel32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3688905;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3689056;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\kernel32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3689182;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;IndexNumber: 0x200000000c75f
16:32:36;3689385;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;AllocationSize: 892.928, EndOfFile: 891.392, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3690833;mysql.exe;2900;CreateFile;C:\Windows\System32\locale.nls;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3692049;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\locale.nls;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3692186;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\locale.nls;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3692302;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\locale.nls;SUCCESS;IndexNumber: 0x300000000c72c
16:32:36;3692493;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\locale.nls;SUCCESS;AllocationSize: 3.665.920, EndOfFile: 3.662.128, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3693739;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3694017;mysql.exe;2900;SetBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3694145;mysql.exe;2900;QueryAttributeTagFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3694263;mysql.exe;2900;QueryFileInternalInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;IndexNumber: 0x900000000f159
16:32:36;3694456;mysql.exe;2900;QueryStandardInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;AllocationSize: 2.351.104, EndOfFile: 2.347.648, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3696792;mysql.exe;2900;CreateFile;C:\Windows\System32\wsock32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3697987;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\wsock32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3698125;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\wsock32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3698241;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\wsock32.dll;SUCCESS;IndexNumber: 0x100000000aacd
16:32:36;3698435;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\wsock32.dll;SUCCESS;AllocationSize: 16.384, EndOfFile: 15.360, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3699695;mysql.exe;2900;CreateFile;C:\Windows\System32\ws2_32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3700723;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\ws2_32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3700858;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\ws2_32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3700973;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\ws2_32.dll;SUCCESS;IndexNumber: 0x100000000ab09
16:32:36;3701164;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\ws2_32.dll;SUCCESS;AllocationSize: 180.224, EndOfFile: 179.200, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3702446;mysql.exe;2900;CreateFile;C:\Windows\System32\msvcrt.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3703541;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3703676;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\msvcrt.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3703791;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;IndexNumber: 0x200000000c912
16:32:36;3703981;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;AllocationSize: 679.936, EndOfFile: 679.936, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3705236;mysql.exe;2900;CreateFile;C:\Windows\System32\advapi32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3706420;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3706564;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\advapi32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3706684;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;IndexNumber: 0x200000000cb8e
16:32:36;3706890;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;AllocationSize: 802.816, EndOfFile: 800.768, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3708264;mysql.exe;2900;CreateFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3709297;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3709432;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3709571;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;IndexNumber: 0x3000000010215
16:32:36;3709764;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;AllocationSize: 786.432, EndOfFile: 784.896, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3710990;mysql.exe;2900;CreateFile;C:\Windows\System32\nsi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3712007;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\nsi.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3712140;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\nsi.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3712256;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\nsi.dll;SUCCESS;IndexNumber: 0x100000000bd65
16:32:36;3712448;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\nsi.dll;SUCCESS;AllocationSize: 8.192, EndOfFile: 8.192, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3713724;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3714753;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3714887;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\tzres.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3715002;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;IndexNumber: 0x4000000012a2c
16:32:36;3715260;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;AllocationSize: 4.096, EndOfFile: 2.048, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3716830;mysql.exe;2900;CreateFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3717177;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3717325;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3717453;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;IndexNumber: 0x50000000128c1
16:32:36;3717661;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;AllocationSize: 24.576, EndOfFile: 23.040, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3719006;mysql.exe;2900;CreateFile;C:\Users\erwin\AppData\Local\Temp\TMP4DV3VI;NAME NOT FOUND;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3720146;mysql.exe;2900;CreateFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3721203;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\nlaapi.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3721341;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3721457;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\nlaapi.dll;SUCCESS;IndexNumber: 0x100000000bcec
16:32:36;3721650;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\nlaapi.dll;SUCCESS;AllocationSize: 49.152, EndOfFile: 48.128, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3722904;mysql.exe;2900;CreateFile;C:\Windows\System32\user32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3723940;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\user32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3724076;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\user32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3724194;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\user32.dll;SUCCESS;IndexNumber: 0x300000000c678
16:32:36;3724411;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\user32.dll;SUCCESS;AllocationSize: 630.784, EndOfFile: 627.712, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3725727;mysql.exe;2900;CreateFile;C:\Windows\System32\gdi32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3726866;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\gdi32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3727011;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\gdi32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3727134;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\gdi32.dll;SUCCESS;IndexNumber: 0x200000000cc8e
16:32:36;3727339;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\gdi32.dll;SUCCESS;AllocationSize: 299.008, EndOfFile: 297.472, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3728695;mysql.exe;2900;CreateFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3729724;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3729858;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3729974;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;IndexNumber: 0x200000000c887
16:32:36;3730168;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;AllocationSize: 94.208, EndOfFile: 91.648, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3731416;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3732474;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3732609;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3732723;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;IndexNumber: 0x200000000cd5d
16:32:36;3732914;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;AllocationSize: 204.800, EndOfFile: 204.288, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3734153;mysql.exe;2900;CreateFile;C:\Windows\System32\dnsapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3735189;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\dnsapi.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3735345;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\dnsapi.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3735458;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\dnsapi.dll;SUCCESS;IndexNumber: 0x200000000cd31
16:32:36;3735707;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\dnsapi.dll;SUCCESS;AllocationSize: 172.032, EndOfFile: 168.448, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3737378;mysql.exe;2900;CreateFile;C:\Windows\System32\secur32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3738512;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\secur32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3738649;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\secur32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3738764;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\secur32.dll;SUCCESS;IndexNumber: 0x400000000f96f
16:32:36;3738958;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\secur32.dll;SUCCESS;AllocationSize: 73.728, EndOfFile: 72.704, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3740243;mysql.exe;2900;CreateFile;C:\Windows\System32\winnsi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3741283;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\winnsi.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3741418;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\winnsi.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3741537;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\winnsi.dll;SUCCESS;IndexNumber: 0x100000000abec
16:32:36;3741732;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\winnsi.dll;SUCCESS;AllocationSize: 16.384, EndOfFile: 14.848, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3742988;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3743267;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3743397;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3743512;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;IndexNumber: 0x200000000cd82
16:32:36;3743703;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;AllocationSize: 131.072, EndOfFile: 130.560, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3744967;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3746101;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3746247;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\imm32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3746372;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;IndexNumber: 0x200000000c8c4
16:32:36;3746602;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;AllocationSize: 114.688, EndOfFile: 114.688, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3748000;mysql.exe;2900;CreateFile;C:\Windows\System32\msctf.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3749378;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\msctf.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3749526;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\msctf.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3749652;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\msctf.dll;SUCCESS;IndexNumber: 0x200000000ca78
16:32:36;3749860;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\msctf.dll;SUCCESS;AllocationSize: 811.008, EndOfFile: 807.424, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3751246;mysql.exe;2900;CreateFile;C:\Windows\System32\lpk.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3752373;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\lpk.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3752518;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\lpk.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3752639;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\lpk.dll;SUCCESS;IndexNumber: 0x5000000010d70
16:32:36;3752846;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\lpk.dll;SUCCESS;AllocationSize: 24.576, EndOfFile: 23.552, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3756246;mysql.exe;2900;CreateFile;C:\Windows\System32\usp10.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3757444;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\usp10.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3757598;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\usp10.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3757727;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\usp10.dll;SUCCESS;IndexNumber: 0x300000000c660
16:32:36;3757947;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\usp10.dll;SUCCESS;AllocationSize: 503.808, EndOfFile: 502.272, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3759552;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3760741;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3760950;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3761136;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;IndexNumber: 0x100000000becf
16:32:36;3761350;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;AllocationSize: 53.248, EndOfFile: 50.176, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3763428;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3765030;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3765184;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3765375;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;IndexNumber: 0x100000000b815
16:32:36;3765652;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;AllocationSize: 65.536, EndOfFile: 62.464, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3767198;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3769022;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3769179;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\mswsock.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3769310;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;IndexNumber: 0x200000000c919
16:32:36;3769526;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;AllocationSize: 225.280, EndOfFile: 223.232, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3770980;mysql.exe;2900;CreateFile;C:\Windows\System32\winrnr.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3772167;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\winrnr.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3772328;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\winrnr.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3772457;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\winrnr.dll;SUCCESS;IndexNumber: 0x400000000c58c
16:32:36;3772676;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\winrnr.dll;SUCCESS;AllocationSize: 20.480, EndOfFile: 19.968, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3774301;mysql.exe;2900;CreateFile;C:\Windows\System32\Wldap32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3775483;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\Wldap32.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3775656;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\Wldap32.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3775787;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\Wldap32.dll;SUCCESS;IndexNumber: 0x300000000c59a
16:32:36;3776006;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\Wldap32.dll;SUCCESS;AllocationSize: 290.816, EndOfFile: 287.744, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3777583;mysql.exe;2900;CreateFile;C:\Windows\System32\psapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3779034;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\psapi.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3779191;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\psapi.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3779321;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\psapi.dll;SUCCESS;IndexNumber: 0x1000000003d5f
16:32:36;3779538;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\psapi.dll;SUCCESS;AllocationSize: 12.288, EndOfFile: 12.288, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3780933;mysql.exe;2900;CreateFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3781281;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\drivers\etc\services;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3781427;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3781555;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\drivers\etc\services;SUCCESS;IndexNumber: 0x1000000004307
16:32:36;3781771;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\drivers\etc\services;SUCCESS;AllocationSize: 20.480, EndOfFile: 17.244, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;3784034;mysql.exe;2900;CreateFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3785343;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3785544;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3785836;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;IndexNumber: 0x1000000003d90
16:32:36;3786130;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;AllocationSize: 12.288, EndOfFile: 10.240, NumberOfLinks: 3, DeletePending: False, Directory: False
16:32:36;3787564;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3788722;mysql.exe;2900;SetBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 01-01-1601 00:59:59, LastAccessTime: 01-01-1601 00:59:59, LastWriteTime: 01-01-1601 00:59:59, ChangeTime: 01-01-1601 00:59:59, FileAttributes: n/a
16:32:36;3788866;mysql.exe;2900;QueryAttributeTagFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Attributes: A, ReparseTag: 0x0
16:32:36;3788991;mysql.exe;2900;QueryFileInternalInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;IndexNumber: 0x100000000aac9
16:32:36;3789249;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;AllocationSize: 12.288, EndOfFile: 9.216, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3789920;mysql.exe;2900;CreateFile;D:\USERS\ERWIN\DOCUMENTS\DUMP20100219\DRUPAL_DSS_FLOOD.SQL;PATH NOT FOUND;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3790433;mysql.exe;2900;CreateFile;D:\USERS\ERWIN\DOCUMENTS\DUMP20100219\DRUPAL_DSS_LOCALES_TARGET.SQL;PATH NOT FOUND;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Disposition: Open, Options: Non-Directory File, Complete If Oplocked, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3791254;mysql.exe;2900;CloseFile;C:\Windows\System32\locale.nls;SUCCESS;
16:32:36;3791637;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3791945;mysql.exe;2900;CloseFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;
16:32:36;3792351;mysql.exe;2900;CloseFile;C:\Windows\System32\drivers\etc\services;SUCCESS;
16:32:36;3811497;mysql.exe;2900;CloseFile;C:\Windows\System32\ntdll.dll;SUCCESS;
16:32:36;3811825;mysql.exe;2900;CloseFile;C:\Windows\System32\kernel32.dll;SUCCESS;
16:32:36;3812118;mysql.exe;2900;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;
16:32:36;3812412;mysql.exe;2900;CloseFile;C:\Windows\System32\wsock32.dll;SUCCESS;
16:32:36;3812709;mysql.exe;2900;CloseFile;C:\Windows\System32\ws2_32.dll;SUCCESS;
16:32:36;3812993;mysql.exe;2900;CloseFile;C:\Windows\System32\msvcrt.dll;SUCCESS;
16:32:36;3813308;mysql.exe;2900;CloseFile;C:\Windows\System32\advapi32.dll;SUCCESS;
16:32:36;3813597;mysql.exe;2900;CloseFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;
16:32:36;3813951;mysql.exe;2900;CloseFile;C:\Windows\System32\nsi.dll;SUCCESS;
16:32:36;3814235;mysql.exe;2900;CloseFile;C:\Windows\System32\nlaapi.dll;SUCCESS;
16:32:36;3814522;mysql.exe;2900;CloseFile;C:\Windows\System32\user32.dll;SUCCESS;
16:32:36;3814804;mysql.exe;2900;CloseFile;C:\Windows\System32\gdi32.dll;SUCCESS;
16:32:36;3815081;mysql.exe;2900;CloseFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;
16:32:36;3815422;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;
16:32:36;3815873;mysql.exe;2900;CloseFile;C:\Windows\System32\dnsapi.dll;SUCCESS;
16:32:36;3816197;mysql.exe;2900;CloseFile;C:\Windows\System32\secur32.dll;SUCCESS;
16:32:36;3816532;mysql.exe;2900;CloseFile;C:\Windows\System32\winnsi.dll;SUCCESS;
16:32:36;3816840;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;
16:32:36;3817143;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;3817449;mysql.exe;2900;CloseFile;C:\Windows\System32\msctf.dll;SUCCESS;
16:32:36;3817750;mysql.exe;2900;CloseFile;C:\Windows\System32\lpk.dll;SUCCESS;
16:32:36;3818091;mysql.exe;2900;CloseFile;C:\Windows\System32\usp10.dll;SUCCESS;
16:32:36;3818375;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;3818654;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;3818932;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;3819317;mysql.exe;2900;CloseFile;C:\Windows\System32\winrnr.dll;SUCCESS;
16:32:36;3820041;mysql.exe;2900;CloseFile;C:\Windows\System32\Wldap32.dll;SUCCESS;
16:32:36;3820350;mysql.exe;2900;CloseFile;C:\Windows\System32\psapi.dll;SUCCESS;
16:32:36;3820651;mysql.exe;2900;CloseFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;
16:32:36;3820956;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3821267;mysql.exe;2900;CloseFile;C:;SUCCESS;
16:32:36;3821592;mysql.exe;2900;CloseFile;D:;SUCCESS;
16:32:36;3824521;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;3826912;mysql.exe;2900;Load Image;C:\Windows\System32\kernel32.dll;SUCCESS;Image Base: 0x77180000, Image Size: 0xdc000
16:32:36;3835167;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\WSOCK32.dll;FAST IO DISALLOWED;
16:32:36;3836168;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\WSOCK32.dll;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3837573;mysql.exe;2900;QueryOpen;C:\Windows\System32\wsock32.dll;FAST IO DISALLOWED;
16:32:36;3838580;mysql.exe;2900;CreateFile;C:\Windows\System32\wsock32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3839949;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wsock32.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:48, FileAttributes: A
16:32:36;3840049;mysql.exe;2900;CloseFile;C:\Windows\System32\wsock32.dll;SUCCESS;
16:32:36;3841664;mysql.exe;2900;CreateFile;C:\Windows\System32\wsock32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3843866;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value, Set Value
16:32:36;3844125;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value, Set Value
16:32:36;3844290;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;SUCCESS;Desired Access: Query Value
16:32:36;3844556;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled;NAME NOT FOUND;Length: 80
16:32:36;3844698;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers;SUCCESS;
16:32:36;3844918;mysql.exe;2900;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3845115;mysql.exe;2900;CloseFile;C:\Windows\System32\wsock32.dll;SUCCESS;
16:32:36;3846731;mysql.exe;2900;Load Image;C:\Windows\System32\wsock32.dll;SUCCESS;Image Base: 0x74320000, Image Size: 0x7000
16:32:36;3848281;mysql.exe;2900;Load Image;C:\Windows\System32\ws2_32.dll;SUCCESS;Image Base: 0x75e70000, Image Size: 0x2d000
16:32:36;3849650;mysql.exe;2900;Load Image;C:\Windows\System32\msvcrt.dll;SUCCESS;Image Base: 0x761f0000, Image Size: 0xaa000
16:32:36;3851778;mysql.exe;2900;Load Image;C:\Windows\System32\advapi32.dll;SUCCESS;Image Base: 0x776f0000, Image Size: 0xc6000
16:32:36;3853919;mysql.exe;2900;Load Image;C:\Windows\System32\rpcrt4.dll;SUCCESS;Image Base: 0x77020000, Image Size: 0xc3000
16:32:36;3859626;mysql.exe;2900;Load Image;C:\Windows\System32\nsi.dll;SUCCESS;Image Base: 0x77920000, Image Size: 0x6000
16:32:36;3863428;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Terminal Server;REPARSE;Desired Access: Read
16:32:36;3863647;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Terminal Server;SUCCESS;Desired Access: Read
16:32:36;3863860;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat;NAME NOT FOUND;Length: 548
16:32:36;3864008;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3864133;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\Terminal Server;SUCCESS;
16:32:36;3864399;mysql.exe;2900;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;Desired Access: Read
16:32:36;3864648;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LeakTrack;NAME NOT FOUND;Length: 144
16:32:36;3864790;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;
16:32:36;3865054;mysql.exe;2900;RegOpenKey;HKLM\System\Setup;SUCCESS;Desired Access: Read
16:32:36;3865216;mysql.exe;2900;RegQueryValue;HKLM\SYSTEM\Setup\SystemSetupInProgress;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3865338;mysql.exe;2900;RegCloseKey;HKLM\SYSTEM\Setup;SUCCESS;
16:32:36;3865463;mysql.exe;2900;RegOpenKey;HKLM;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;3865714;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics;NAME NOT FOUND;Desired Access: Read
16:32:36;3868591;mysql.exe;2900;QueryNameInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Name: \Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe
16:32:36;3869514;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;REPARSE;Desired Access: Query Value
16:32:36;3869680;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;Desired Access: Query Value
16:32:36;3869861;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode;NAME NOT FOUND;Length: 16
16:32:36;3871282;mysql.exe;2900;QueryOpen;C:\Windows\System32\tzres.dll;FAST IO DISALLOWED;
16:32:36;3872295;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3873766;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;CreationTime: 25-01-2010 16:21:20, LastAccessTime: 25-01-2010 16:21:20, LastWriteTime: 29-10-2009 10:17:42, ChangeTime: 25-01-2010 16:24:57, FileAttributes: A
16:32:36;3873866;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3875339;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3877197;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;AllocationSize: 4.096, EndOfFile: 2.048, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3877741;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3879410;mysql.exe;2900;QueryOpen;C:\Windows\System32\tzres.dll;FAST IO DISALLOWED;
16:32:36;3880531;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3881814;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;CreationTime: 25-01-2010 16:21:20, LastAccessTime: 25-01-2010 16:21:20, LastWriteTime: 29-10-2009 10:17:42, ChangeTime: 25-01-2010 16:24:57, FileAttributes: A
16:32:36;3881913;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3884542;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3886281;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;AllocationSize: 4.096, EndOfFile: 2.048, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3886749;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3887556;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3887825;mysql.exe;2900;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3888061;mysql.exe;2900;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;3888212;mysql.exe;2900;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3888399;mysql.exe;2900;RegOpenKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;Desired Access: Read
16:32:36;3888567;mysql.exe;2900;RegEnumValue;HKCU\Control Panel\Desktop\LanguageConfiguration;NO MORE ENTRIES;Index: 0, Length: 512
16:32:36;3888705;mysql.exe;2900;RegCloseKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;
16:32:36;3888817;mysql.exe;2900;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3888913;mysql.exe;2900;RegCloseKey;HKCU;SUCCESS;
16:32:36;3889025;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3889220;mysql.exe;2900;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3889397;mysql.exe;2900;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;3889623;mysql.exe;2900;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3889878;mysql.exe;2900;RegCloseKey;HKCU;SUCCESS;
16:32:36;3890111;mysql.exe;2900;RegQueryValue;HKCU\Control Panel\Desktop\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3890292;mysql.exe;2900;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3890414;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;3890637;mysql.exe;2900;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3890834;mysql.exe;2900;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;3890987;mysql.exe;2900;RegCloseKey;HKCU;SUCCESS;
16:32:36;3891111;mysql.exe;2900;RegQueryValue;HKCU\Control Panel\Desktop\CachedMachinePreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3891240;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;REPARSE;Desired Access: Read
16:32:36;3891405;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;Desired Access: Read
16:32:36;3891587;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\MUI\Settings\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;3891707;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;
16:32:36;3891825;mysql.exe;2900;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;3892283;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\CMF\Config;REPARSE;Desired Access: Read
16:32:36;3892434;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\CMF\Config;SUCCESS;Desired Access: Read
16:32:36;3892624;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\CMF\Config\SYSTEM;SUCCESS;Type: REG_DWORD, Length: 4, Data: 3
16:32:36;3892758;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\CMF\Config;SUCCESS;
16:32:36;3893013;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\CMF\LatestIndex;REPARSE;Desired Access: Read
16:32:36;3893159;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\CMF\LatestIndex;SUCCESS;Desired Access: Read
16:32:36;3893332;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\CMF\LatestIndex\SYSTEM;SUCCESS;Type: REG_DWORD, Length: 4, Data: 4
16:32:36;3893465;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\CMF\LatestIndex;SUCCESS;
16:32:36;3896896;mysql.exe;2900;QueryOpen;C:\Windows\rescache\rc0005;FAST IO DISALLOWED;
16:32:36;3898663;mysql.exe;2900;CreateFile;C:\Windows\rescache\rc0005;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;3900006;mysql.exe;2900;CreateFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3901002;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;AllocationSize: 24.576, EndOfFile: 23.040, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3901645;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;Name: \Windows\System32\tzres.dll
16:32:36;3901903;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;REPARSE;Desired Access: Read
16:32:36;3902087;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;Desired Access: Read
16:32:36;3902284;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\nl-NL;NAME NOT FOUND;Length: 532
16:32:36;3902407;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;
16:32:36;3902525;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;REPARSE;Desired Access: Read
16:32:36;3902666;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;NAME NOT FOUND;Desired Access: Read
16:32:36;3903212;mysql.exe;2900;RegOpenKey;HKLM\System\Setup;SUCCESS;Desired Access: Query Value
16:32:36;3903379;mysql.exe;2900;RegQueryValue;HKLM\SYSTEM\Setup\SystemSetupInProgress;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;3903505;mysql.exe;2900;RegCloseKey;HKLM\SYSTEM\Setup;SUCCESS;
16:32:36;3903636;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows\Windows Error Reporting\WMR;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3903904;mysql.exe;2900;RegOpenKey;HKCU\Software\Microsoft\Windows\Windows Error Reporting\WMR;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3904192;mysql.exe;2900;RegOpenKey;HKCU\Software\Microsoft\Windows\Windows Error Reporting\WMR;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3904344;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows\Windows Error Reporting\WMR;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3904618;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows\Windows Error Reporting\WMR;NAME NOT FOUND;Desired Access: Query Value
16:32:36;3904958;mysql.exe;2900;CloseFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;
16:32:36;3906672;mysql.exe;2900;QueryOpen;C:\Windows\System32\tzres.dll;FAST IO DISALLOWED;
16:32:36;3907676;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3908839;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;CreationTime: 25-01-2010 16:21:20, LastAccessTime: 25-01-2010 16:21:20, LastWriteTime: 29-10-2009 10:17:42, ChangeTime: 25-01-2010 16:24:57, FileAttributes: A
16:32:36;3908936;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3910455;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3912197;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;AllocationSize: 4.096, EndOfFile: 2.048, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3912782;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3914304;mysql.exe;2900;QueryOpen;C:\Windows\System32\tzres.dll;FAST IO DISALLOWED;
16:32:36;3915374;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3916890;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;CreationTime: 25-01-2010 16:21:20, LastAccessTime: 25-01-2010 16:21:20, LastWriteTime: 29-10-2009 10:17:42, ChangeTime: 25-01-2010 16:24:57, FileAttributes: A
16:32:36;3916991;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3918415;mysql.exe;2900;CreateFile;C:\Windows\System32\tzres.dll;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3920200;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;AllocationSize: 4.096, EndOfFile: 2.048, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3920723;mysql.exe;2900;CloseFile;C:\Windows\System32\tzres.dll;SUCCESS;
16:32:36;3922238;mysql.exe;2900;CreateFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3923206;mysql.exe;2900;QueryStandardInformationFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;AllocationSize: 24.576, EndOfFile: 23.040, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;3923849;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\tzres.dll;SUCCESS;Name: \Windows\System32\tzres.dll
16:32:36;3924135;mysql.exe;2900;CloseFile;C:\Windows\System32\nl-NL\tzres.dll.mui;SUCCESS;
16:32:36;3924760;mysql.exe;2900;RegOpenKey;HKLM\SOFTWARE\MySQL;NAME NOT FOUND;Desired Access: Read
16:32:36;3925141;mysql.exe;2900;RegOpenKey;HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;3925330;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;3925568;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;3926550;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;REPARSE;Desired Access: All Access
16:32:36;3926714;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;ACCESS DENIED;Desired Access: All Access
16:32:36;3926972;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;REPARSE;Desired Access: Read
16:32:36;3927132;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;SUCCESS;Desired Access: Read
16:32:36;3927333;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version;SUCCESS;Type: REG_SZ, Length: 8, Data: 2.0
16:32:36;3927495;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version;SUCCESS;Type: REG_SZ, Length: 8, Data: 2.0
16:32:36;3928238;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog;SUCCESS;Desired Access: Read
16:32:36;3928697;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\01AABEE9-0E9C38F8;NAME NOT FOUND;Desired Access: Read
16:32:36;3928880;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\01AABEE9;NAME NOT FOUND;Desired Access: Read
16:32:36;3929020;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog;SUCCESS;
16:32:36;3929193;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;3929388;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Serial_Access_Num;SUCCESS;Type: REG_DWORD, Length: 4, Data: 591
16:32:36;3929827;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Serial_Access_Num;SUCCESS;Type: REG_DWORD, Length: 4, Data: 591
16:32:36;3929981;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\0000024F;NAME NOT FOUND;Desired Access: Read
16:32:36;3930125;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Next_Catalog_Entry_ID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 4715
16:32:36;3930254;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Num_Catalog_Entries;SUCCESS;Type: REG_DWORD, Length: 4, Data: 24
16:32:36;3930385;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;3930587;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001;SUCCESS;Desired Access: Read
16:32:36;3930812;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3931096;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3931228;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3931416;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60100
16:32:36;3932747;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3933935;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3935201;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3935300;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3936170;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3936430;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3936704;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3936828;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3936980;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3937270;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3937573;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3937741;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3937872;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60100,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [TCP/IP]
16:32:36;3938020;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3938201;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60100
16:32:36;3939514;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3940623;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3941857;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3942010;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3942574;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3942804;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3942962;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3943081;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3943279;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3943479;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3943674;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3943824;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3943936;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60100,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [TCP/IP]
16:32:36;3944069;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3944208;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000001;SUCCESS;
16:32:36;3944364;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002;SUCCESS;Desired Access: Read
16:32:36;3944592;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3944764;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3944943;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3945097;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60101
16:32:36;3946424;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3947491;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3948657;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3948766;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3949209;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3949437;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3949592;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3949710;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3949838;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3950030;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3950218;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3950366;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3950477;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60101,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [UDP/IP]
16:32:36;3950623;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3950765;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60101
16:32:36;3951921;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3952899;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3954133;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3954228;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3954652;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3954904;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3955062;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3955182;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3955315;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3955506;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3955703;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3955849;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3955959;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60101,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [UDP/IP]
16:32:36;3956090;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3956227;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000002;SUCCESS;
16:32:36;3956377;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003;SUCCESS;Desired Access: Read
16:32:36;3956601;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3956769;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3956892;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3957032;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60102
16:32:36;3958218;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3959193;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3960345;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3960439;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3960864;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3961085;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3961241;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3961358;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3961486;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3961676;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3961864;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3962008;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3962120;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60102,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [RAW/IP]
16:32:36;3962264;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3962405;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003\ProtocolName;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\System32\wshtcpip.dll,-60102
16:32:36;3963554;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;3964524;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3965652;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;3965749;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;3966203;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3966423;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3966579;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3966693;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3966826;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3967016;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3967205;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3967350;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3967461;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60102,C:\Windows\System32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 42, Data: MSAFD Tcpip [RAW/IP]
16:32:36;3967592;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3967731;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000003;SUCCESS;
16:32:36;3967876;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004;SUCCESS;Desired Access: Read
16:32:36;3968100;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3968261;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3968386;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3968529;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60100
16:32:36;3969691;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3970660;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3971794;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;3971890;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;3972319;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3972541;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3972695;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3972810;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3972936;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3973125;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3973313;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3973458;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3973572;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60100,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [TCP/IPv6]
16:32:36;3973741;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3973882;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60100
16:32:36;3975023;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3975999;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3977108;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;3977204;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;3977631;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3977849;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3978002;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3978116;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3978246;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3978433;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3978621;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3978766;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3978877;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60100,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [TCP/IPv6]
16:32:36;3979008;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3979144;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000004;SUCCESS;
16:32:36;3979341;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005;SUCCESS;Desired Access: Read
16:32:36;3979570;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3979737;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3979863;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3980008;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60101
16:32:36;3981197;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3982161;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3983271;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;3983363;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;3983788;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3984007;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3984161;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3984277;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3984404;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3984593;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3984782;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3984927;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3985039;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60101,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [UDP/IPv6]
16:32:36;3985182;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3985326;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60101
16:32:36;3986511;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3987476;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3988583;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;3988678;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;3989104;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3989323;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3989477;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3989591;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3989719;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3989907;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3990095;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3990239;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3990351;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60101,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [UDP/IPv6]
16:32:36;3990484;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3990622;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000005;SUCCESS;
16:32:36;3990769;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006;SUCCESS;Desired Access: Read
16:32:36;3990992;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3991156;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;3991278;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;3991420;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60102
16:32:36;3992612;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3993584;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;3994685;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;3994778;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;3995205;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3995428;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3995581;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3995709;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;3995837;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3996028;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;3996216;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;3996361;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;3996473;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60102,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [RAW/IPv6]
16:32:36;3996617;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;3996759;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006\ProtocolName;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\System32\wship6.dll,-60102
16:32:36;3997908;mysql.exe;2900;QueryOpen;C:\Windows\System32\wship6.dll;FAST IO DISALLOWED;
16:32:36;3998904;mysql.exe;2900;CreateFile;C:\Windows\System32\wship6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4000007;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wship6.dll;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:47, FileAttributes: A
16:32:36;4000102;mysql.exe;2900;CloseFile;C:\Windows\System32\wship6.dll;SUCCESS;
16:32:36;4000526;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4000741;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4000894;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4001010;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4001139;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4001328;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4001517;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4001661;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4001770;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60102,C:\Windows\System32\wship6.dll;SUCCESS;Type: REG_SZ, Length: 46, Data: MSAFD Tcpip [RAW/IPv6]
16:32:36;4001903;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4002041;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000006;SUCCESS;
16:32:36;4002187;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007;SUCCESS;Desired Access: Read
16:32:36;4002415;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4002582;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4002734;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4002889;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-100
16:32:36;4004066;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4005058;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4006195;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4006289;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4006714;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4006935;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4007091;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4007211;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4007339;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4007524;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4007713;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4007858;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4007969;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\100,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 54, Data: RSVP TCPv6-serviceprovider
16:32:36;4008117;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4008258;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-100
16:32:36;4011211;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4012244;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4013386;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4013481;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4013976;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4014215;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4014377;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4014499;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4014635;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4014829;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4015020;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4015166;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4015277;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\100,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 54, Data: RSVP TCPv6-serviceprovider
16:32:36;4015414;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4015567;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000007;SUCCESS;
16:32:36;4016193;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008;SUCCESS;Desired Access: Read
16:32:36;4016440;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4016620;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4016742;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4016887;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-101
16:32:36;4018150;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4019725;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4020896;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4020992;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4021451;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4021687;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4021845;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4021964;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4022094;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4022285;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4022477;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4022625;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4022736;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\101,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 50, Data: RSVP TCP-serviceprovider
16:32:36;4022885;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4023034;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-101
16:32:36;4024198;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4025180;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4026342;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4026436;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4026878;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4027102;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4027259;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4027375;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4027503;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4027691;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4027882;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4028032;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4028144;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\101,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 50, Data: RSVP TCP-serviceprovider
16:32:36;4028279;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4028422;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000008;SUCCESS;
16:32:36;4028577;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009;SUCCESS;Desired Access: Read
16:32:36;4028806;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4028978;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4029102;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4029245;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-102
16:32:36;4030424;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4031399;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4032552;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4032646;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4033072;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4033295;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4033453;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4033570;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4033700;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4033887;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4034076;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4034224;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4034337;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\102,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 54, Data: RSVP UDPv6-serviceprovider
16:32:36;4034488;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4034634;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-102
16:32:36;4035793;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4036773;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4037919;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4038014;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4038444;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4038666;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4038821;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4038935;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4039064;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4039250;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4039442;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4039592;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4039705;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\102,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 54, Data: RSVP UDPv6-serviceprovider
16:32:36;4039841;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4039983;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000009;SUCCESS;
16:32:36;4040135;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010;SUCCESS;Desired Access: Read
16:32:36;4040368;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4040554;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4040680;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4040825;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-103
16:32:36;4042267;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4043324;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4044484;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4044584;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4045031;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4045257;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4045418;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4045614;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4045841;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4046037;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4046234;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4046381;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4046496;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\103,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 50, Data: RSVP UDP-serviceprovider
16:32:36;4046909;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4047063;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010\ProtocolName;SUCCESS;Type: REG_SZ, Length: 78, Data: @%SystemRoot%\System32\wshqos.dll,-103
16:32:36;4048426;mysql.exe;2900;QueryOpen;C:\Windows\System32\wshqos.dll;FAST IO DISALLOWED;
16:32:36;4049650;mysql.exe;2900;CreateFile;C:\Windows\System32\wshqos.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4062955;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\wshqos.dll;SUCCESS;CreationTime: 02-11-2006 09:57:33, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:14, ChangeTime: 25-01-2010 10:16:07, FileAttributes: A
16:32:36;4063122;mysql.exe;2900;CloseFile;C:\Windows\System32\wshqos.dll;SUCCESS;
16:32:36;4064025;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4064393;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4064578;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4064722;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4064875;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4065079;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4065276;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4065426;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4065544;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\103,C:\Windows\System32\wshqos.dll;SUCCESS;Type: REG_SZ, Length: 50, Data: RSVP UDP-serviceprovider
16:32:36;4065707;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4065912;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000010;SUCCESS;
16:32:36;4066239;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011;SUCCESS;Desired Access: Read
16:32:36;4066513;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4066717;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4066849;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4066998;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4067134;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AADB4201-706C-46AA-8ED4-EF6457632BFA}] SEQPACKET 0
16:32:36;4067347;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011;SUCCESS;
16:32:36;4067494;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012;SUCCESS;Desired Access: Read
16:32:36;4067725;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4067975;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4068100;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4068241;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4068376;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012\ProtocolName;SUCCESS;Type: REG_SZ, Length: 172, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip_{AADB4201-706C-46AA-8ED4-EF6457632BFA}] DATAGRAM 0
16:32:36;4068548;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012;SUCCESS;
16:32:36;4068693;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013;SUCCESS;Desired Access: Read
16:32:36;4068914;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4069089;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4069213;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4069355;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4070771;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip_{21E730DD-B174-4422-BAB4-2506F5680526}] SEQPACKET 4
16:32:36;4071034;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013;SUCCESS;
16:32:36;4071188;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014;SUCCESS;Desired Access: Read
16:32:36;4071416;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4071585;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4071718;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4071859;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4071995;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014\ProtocolName;SUCCESS;Type: REG_SZ, Length: 172, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip_{21E730DD-B174-4422-BAB4-2506F5680526}] DATAGRAM 4
16:32:36;4072164;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000014;SUCCESS;
16:32:36;4072309;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015;SUCCESS;Desired Access: Read
16:32:36;4072547;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4072734;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4072860;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4073000;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4073138;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015\ProtocolName;SUCCESS;Type: REG_SZ, Length: 176, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{60D6F047-397E-4110-A007-D2C69685146D}] SEQPACKET 2
16:32:36;4073306;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000015;SUCCESS;
16:32:36;4073491;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016;SUCCESS;Desired Access: Read
16:32:36;4073723;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4073898;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4074022;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4074165;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4074303;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{60D6F047-397E-4110-A007-D2C69685146D}] DATAGRAM 2
16:32:36;4074478;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000016;SUCCESS;
16:32:36;4074617;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017;SUCCESS;Desired Access: Read
16:32:36;4074836;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4075003;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4075129;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4075273;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4075411;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017\ProtocolName;SUCCESS;Type: REG_SZ, Length: 176, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D4DA38A2-1E95-4FD8-A7CB-2B89159AD921}] SEQPACKET 3
16:32:36;4075584;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017;SUCCESS;
16:32:36;4075879;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018;SUCCESS;Desired Access: Read
16:32:36;4076115;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4076297;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4076421;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4076611;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4076748;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{D4DA38A2-1E95-4FD8-A7CB-2B89159AD921}] DATAGRAM 3
16:32:36;4076965;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000018;SUCCESS;
16:32:36;4077111;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019;SUCCESS;Desired Access: Read
16:32:36;4077345;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4077527;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4077651;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4077794;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4077928;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019\ProtocolName;SUCCESS;Type: REG_SZ, Length: 176, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{024CFA64-4D79-4CBC-BDCE-5F10F831A2E1}] SEQPACKET 6
16:32:36;4078103;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000019;SUCCESS;
16:32:36;4078241;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020;SUCCESS;Desired Access: Read
16:32:36;4078457;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4078637;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4078761;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4078904;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4079044;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{024CFA64-4D79-4CBC-BDCE-5F10F831A2E1}] DATAGRAM 6
16:32:36;4079214;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000020;SUCCESS;
16:32:36;4079395;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021;SUCCESS;Desired Access: Read
16:32:36;4079610;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4079791;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4079916;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4080057;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4080196;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021\ProtocolName;SUCCESS;Type: REG_SZ, Length: 176, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AADB4201-706C-46AA-8ED4-EF6457632BFA}] SEQPACKET 1
16:32:36;4080370;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000021;SUCCESS;
16:32:36;4080509;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022;SUCCESS;Desired Access: Read
16:32:36;4080731;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4080905;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4081030;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4081171;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4081308;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{AADB4201-706C-46AA-8ED4-EF6457632BFA}] DATAGRAM 1
16:32:36;4081481;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000022;SUCCESS;
16:32:36;4081657;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023;SUCCESS;Desired Access: Read
16:32:36;4081893;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4082068;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4082192;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4082335;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4082477;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023\ProtocolName;SUCCESS;Type: REG_SZ, Length: 176, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{21E730DD-B174-4422-BAB4-2506F5680526}] SEQPACKET 5
16:32:36;4082650;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000023;SUCCESS;
16:32:36;4082790;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024;SUCCESS;Desired Access: Read
16:32:36;4083020;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4083202;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\PackedCatalogItem;BUFFER OVERFLOW;Length: 144
16:32:36;4083328;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\PackedCatalogItem;SUCCESS;Type: REG_BINARY, Length: 888, Data: 25 53 79 73 74 65 6D 52 6F 6F 74 25 5C 73 79 73
16:32:36;4083472;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\ProtocolName;BUFFER OVERFLOW;Length: 144
16:32:36;4083612;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024\ProtocolName;SUCCESS;Type: REG_SZ, Length: 174, Data: MSAFD NetBIOS [\Device\NetBT_Tcpip6_{21E730DD-B174-4422-BAB4-2506F5680526}] DATAGRAM 5
16:32:36;4083828;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000024;SUCCESS;
16:32:36;4083952;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries;SUCCESS;
16:32:36;4084225;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;4084436;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Serial_Access_Num;SUCCESS;Type: REG_DWORD, Length: 4, Data: 16
16:32:36;4085032;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Serial_Access_Num;SUCCESS;Type: REG_DWORD, Length: 4, Data: 16
16:32:36;4085191;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\00000010;NAME NOT FOUND;Desired Access: Read
16:32:36;4085336;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Num_Catalog_Entries;SUCCESS;Type: REG_DWORD, Length: 4, Data: 6
16:32:36;4085471;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;4085685;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001;SUCCESS;Desired Access: Read
16:32:36;4085920;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath;SUCCESS;Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\NLAapi.dll
16:32:36;4086083;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\LibraryPath;SUCCESS;Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\NLAapi.dll
16:32:36;4086240;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4088789;mysql.exe;2900;QueryOpen;C:\Windows\System32\nlasvc.dll;FAST IO DISALLOWED;
16:32:36;4089885;mysql.exe;2900;CreateFile;C:\Windows\System32\nlasvc.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4091196;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\nlasvc.dll;SUCCESS;CreationTime: 25-01-2010 09:30:19, LastAccessTime: 25-01-2010 09:30:19, LastWriteTime: 18-01-2008 23:35:40, ChangeTime: 25-01-2010 09:59:00, FileAttributes: A
16:32:36;4091307;mysql.exe;2900;CloseFile;C:\Windows\System32\nlasvc.dll;SUCCESS;
16:32:36;4091861;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4092185;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4092383;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4092532;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4092692;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4093571;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4093808;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4093968;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4094084;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\nlasvc.dll;SUCCESS;Type: REG_SZ, Length: 106, Data: NLAv1-naamruimte (Network Location Awareness Legacy)
16:32:36;4094280;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4094470;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4096668;mysql.exe;2900;QueryOpen;C:\Windows\System32\nlasvc.dll;FAST IO DISALLOWED;
16:32:36;4098007;mysql.exe;2900;CreateFile;C:\Windows\System32\nlasvc.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4099338;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\nlasvc.dll;SUCCESS;CreationTime: 25-01-2010 09:30:19, LastAccessTime: 25-01-2010 09:30:19, LastWriteTime: 18-01-2008 23:35:40, ChangeTime: 25-01-2010 09:59:00, FileAttributes: A
16:32:36;4099434;mysql.exe;2900;CloseFile;C:\Windows\System32\nlasvc.dll;SUCCESS;
16:32:36;4099895;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4100136;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4100289;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4100406;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4100536;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4100725;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4100918;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4101063;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4101176;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\nlasvc.dll;SUCCESS;Type: REG_SZ, Length: 106, Data: NLAv1-naamruimte (Network Location Awareness Legacy)
16:32:36;4101311;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4101455;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4101588;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4101734;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4101862;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\DisplayString;SUCCESS;Type: REG_SZ, Length: 80, Data: @%SystemRoot%\system32\nlasvc.dll,-1000
16:32:36;4102018;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: 3A 24 42 66 A8 3B A6 4A BA A5 2E 0B D7 1F DD 83
16:32:36;4102161;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4102312;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 15
16:32:36;4102449;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4102578;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4102710;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4102844;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4102979;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4103110;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000001;SUCCESS;
16:32:36;4103275;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002;SUCCESS;Desired Access: Read
16:32:36;4103510;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\napinsp.dll
16:32:36;4103669;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\napinsp.dll
16:32:36;4103816;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4105028;mysql.exe;2900;QueryOpen;C:\Windows\System32\NapiNSP.dll;FAST IO DISALLOWED;
16:32:36;4106191;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4107575;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;CreationTime: 25-01-2010 09:30:29, LastAccessTime: 25-01-2010 09:30:29, LastWriteTime: 18-01-2008 23:35:36, ChangeTime: 25-01-2010 09:58:48, FileAttributes: A
16:32:36;4107775;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4108305;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4108594;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4108756;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4108877;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4109011;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4109206;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4109405;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4109556;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4109674;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\napinsp.dll;SUCCESS;Type: REG_SZ, Length: 60, Data: Shim-provider van e-mailnamen
16:32:36;4109892;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4110045;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4111565;mysql.exe;2900;QueryOpen;C:\Windows\System32\NapiNSP.dll;FAST IO DISALLOWED;
16:32:36;4112639;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4114087;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;CreationTime: 25-01-2010 09:30:29, LastAccessTime: 25-01-2010 09:30:29, LastWriteTime: 18-01-2008 23:35:36, ChangeTime: 25-01-2010 09:58:48, FileAttributes: A
16:32:36;4114187;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4114629;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4114856;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4115013;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4115127;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4115310;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4115512;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4115736;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4115983;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4116148;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\napinsp.dll;SUCCESS;Type: REG_SZ, Length: 60, Data: Shim-provider van e-mailnamen
16:32:36;4116321;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4116513;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4116657;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4116802;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4116933;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\napinsp.dll,-1000
16:32:36;4117082;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: A2 CB 4A 96 BC B2 EB 40 8C 6A A6 DB 40 16 1C AE
16:32:36;4117228;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4117381;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 37
16:32:36;4117521;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4117707;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4117846;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4117979;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4118115;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4118243;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000002;SUCCESS;
16:32:36;4118398;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003;SUCCESS;Desired Access: Read
16:32:36;4118737;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\pnrpnsp.dll
16:32:36;4118949;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\pnrpnsp.dll
16:32:36;4119103;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4120368;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4121358;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4122542;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4122641;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4123080;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4123304;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4123462;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4123583;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4123713;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4123901;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4124087;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4124233;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4124346;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\pnrpnsp.dll;SUCCESS;Type: REG_SZ, Length: 68, Data: Provider van PNRP-wolknaamruimten
16:32:36;4124501;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4124706;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4125882;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4126866;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4128018;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4128113;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4128546;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4128764;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4128918;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4129037;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4129166;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4129358;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4129548;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4129695;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4129808;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1000,C:\Windows\system32\pnrpnsp.dll;SUCCESS;Type: REG_SZ, Length: 68, Data: Provider van PNRP-wolknaamruimten
16:32:36;4129945;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4130083;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4130219;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4130362;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4130493;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1000
16:32:36;4130639;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: CE 89 FE 03 6D 76 76 49 B9 C1 BB 9B C4 2C 7B 4D
16:32:36;4130782;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4130939;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 39
16:32:36;4131073;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4131201;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4131335;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4131465;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4131625;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4131769;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000003;SUCCESS;
16:32:36;4131926;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004;SUCCESS;Desired Access: Read
16:32:36;4132165;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\pnrpnsp.dll
16:32:36;4132326;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\system32\pnrpnsp.dll
16:32:36;4132475;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4133706;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4140336;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4141627;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4141732;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4142204;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4142453;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4142616;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4142734;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4142874;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4143130;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4143432;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4143639;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4143766;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1001,C:\Windows\system32\pnrpnsp.dll;SUCCESS;Type: REG_SZ, Length: 60, Data: Provider van PNRP-naamruimten
16:32:36;4143929;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4144576;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4146040;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4147248;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4148435;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4148533;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4149021;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4149255;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4149415;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4149533;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4149666;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4149864;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4150058;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4150207;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4150323;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\1001,C:\Windows\system32\pnrpnsp.dll;SUCCESS;Type: REG_SZ, Length: 60, Data: Provider van PNRP-naamruimten
16:32:36;4150462;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4150608;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4150746;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4150926;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4151061;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\DisplayString;SUCCESS;Type: REG_SZ, Length: 82, Data: @%SystemRoot%\system32\pnrpnsp.dll,-1001
16:32:36;4151210;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: CD 89 FE 03 6D 76 76 49 B9 C1 BB 9B C4 2C 7B 4D
16:32:36;4151358;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4151513;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 38
16:32:36;4151651;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4151777;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4151960;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4152115;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4152314;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4152543;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000004;SUCCESS;
16:32:36;4152721;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005;SUCCESS;Desired Access: Read
16:32:36;4153007;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll
16:32:36;4153167;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\LibraryPath;SUCCESS;Type: REG_SZ, Length: 68, Data: %SystemRoot%\System32\mswsock.dll
16:32:36;4153364;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4154956;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;4156206;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4157404;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;4157501;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4157938;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4158171;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4158330;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4158451;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4158586;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4158784;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4158980;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4159127;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4159243;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60103,C:\Windows\system32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 12, Data: Tcpip
16:32:36;4159402;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4159549;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4160911;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;4161939;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4163134;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;4163233;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4163678;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4163905;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4164113;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4164240;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\LangID;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1043
16:32:36;4164375;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4164572;mysql.exe;2900;RegCreateKey;HKCU\Software\Classes\Local Settings;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;4164766;mysql.exe;2900;RegOpenKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;Desired Access: Query Value
16:32:36;4164915;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings;SUCCESS;
16:32:36;4165030;mysql.exe;2900;RegQueryValue;HKCU\Software\Classes\Local Settings\RegMuiCache\60103,C:\Windows\system32\wshtcpip.dll;SUCCESS;Type: REG_SZ, Length: 12, Data: Tcpip
16:32:36;4165173;mysql.exe;2900;RegCloseKey;HKCU\Software\Classes\Local Settings\RegMuiCache;SUCCESS;
16:32:36;4165311;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4165482;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4165709;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4165842;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\DisplayString;SUCCESS;Type: REG_SZ, Length: 86, Data: @%SystemRoot%\system32\wshtcpip.dll,-60103
16:32:36;4165993;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: 40 9D 05 22 9E 7E CF 11 AE 5A 00 AA 00 A7 11 2B
16:32:36;4166198;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4166365;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 12
16:32:36;4166569;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4166762;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4166899;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4167034;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4167169;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4167354;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005;SUCCESS;
16:32:36;4167553;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006;SUCCESS;Desired Access: Read
16:32:36;4167783;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\LibraryPath;SUCCESS;Type: REG_SZ, Length: 66, Data: %SystemRoot%\System32\winrnr.dll
16:32:36;4167949;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\LibraryPath;SUCCESS;Type: REG_SZ, Length: 66, Data: %SystemRoot%\System32\winrnr.dll
16:32:36;4168099;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\DisplayString;SUCCESS;Type: REG_SZ, Length: 10, Data: NTDS
16:32:36;4168265;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\DisplayString;SUCCESS;Type: REG_SZ, Length: 10, Data: NTDS
16:32:36;4168395;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\DisplayString;SUCCESS;Type: REG_SZ, Length: 10, Data: NTDS
16:32:36;4168533;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\DisplayString;SUCCESS;Type: REG_SZ, Length: 10, Data: NTDS
16:32:36;4168660;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\DisplayString;SUCCESS;Type: REG_SZ, Length: 10, Data: NTDS
16:32:36;4168830;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\ProviderId;SUCCESS;Type: REG_BINARY, Length: 16, Data: EE 37 26 3B 80 E5 CF 11 A5 55 00 C0 4F D8 D4 AC
16:32:36;4169105;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\AddressFamily;NAME NOT FOUND;Length: 144
16:32:36;4169276;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\SupportedNameSpace;SUCCESS;Type: REG_DWORD, Length: 4, Data: 32
16:32:36;4169413;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\Enabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4169543;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\Version;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4169684;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\StoresServiceClassInfo;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4169817;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4169955;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006\ProviderInfo;SUCCESS;Type: REG_BINARY, Length: 0
16:32:36;4170086;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006;SUCCESS;
16:32:36;4170205;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries;SUCCESS;
16:32:36;4170336;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;SUCCESS;
16:32:36;4170493;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Winsock2\Parameters;REPARSE;Desired Access: Query Value
16:32:36;4170688;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Winsock2\Parameters;SUCCESS;Desired Access: Query Value
16:32:36;4170880;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Ws2_32NumHandleBuckets;NAME NOT FOUND;Length: 144
16:32:36;4171022;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Ws2_32SpinCount;NAME NOT FOUND;Length: 144
16:32:36;4171188;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;SUCCESS;
16:32:36;4173751;mysql.exe;2900;CreateFile;C:\Windows\my.ini;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4175051;mysql.exe;2900;CreateFile;C:\Windows\my.cnf;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4176491;mysql.exe;2900;CreateFile;C:\my.ini;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4177743;mysql.exe;2900;CreateFile;C:\my.cnf;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4179035;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\my.ini;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4180360;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\my.cnf;NAME NOT FOUND;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a
16:32:36;4181735;mysql.exe;2900;CreateFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;4182727;mysql.exe;2900;ReadFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Offset: 0, Length: 27
16:32:36;4182972;mysql.exe;2900;ReadFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;END OF FILE;Offset: 27, Length: 4.096
16:32:36;4183179;mysql.exe;2900;ReadFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;END OF FILE;Offset: 27, Length: 4.096
16:32:36;4183369;mysql.exe;2900;CloseFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;
16:32:36;4185607;mysql.exe;2900;QueryOpen;C:\Windows\System32\nlaapi.dll;FAST IO DISALLOWED;
16:32:36;4186612;mysql.exe;2900;CreateFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4187988;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\nlaapi.dll;SUCCESS;CreationTime: 25-01-2010 09:30:19, LastAccessTime: 25-01-2010 09:30:19, LastWriteTime: 18-01-2008 23:35:40, ChangeTime: 25-01-2010 09:59:06, FileAttributes: A
16:32:36;4188086;mysql.exe;2900;CloseFile;C:\Windows\System32\nlaapi.dll;SUCCESS;
16:32:36;4189581;mysql.exe;2900;CreateFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4194173;mysql.exe;2900;Load Image;C:\Windows\System32\nlaapi.dll;SUCCESS;Image Base: 0x74d20000, Image Size: 0xf000
16:32:36;4194350;mysql.exe;2900;CloseFile;C:\Windows\System32\nlaapi.dll;SUCCESS;
16:32:36;4195787;mysql.exe;2900;QueryOpen;C:\Windows\System32\nlaapi.dll;FAST IO DISALLOWED;
16:32:36;4196784;mysql.exe;2900;CreateFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4198095;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\nlaapi.dll;SUCCESS;CreationTime: 25-01-2010 09:30:19, LastAccessTime: 25-01-2010 09:30:19, LastWriteTime: 18-01-2008 23:35:40, ChangeTime: 25-01-2010 09:59:06, FileAttributes: A
16:32:36;4198197;mysql.exe;2900;CloseFile;C:\Windows\System32\nlaapi.dll;SUCCESS;
16:32:36;4199724;mysql.exe;2900;CreateFile;C:\Windows\System32\nlaapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4201721;mysql.exe;2900;CloseFile;C:\Windows\System32\nlaapi.dll;SUCCESS;
16:32:36;4203229;mysql.exe;2900;Load Image;C:\Windows\System32\nlaapi.dll;SUCCESS;Image Base: 0x74d20000, Image Size: 0xf000
16:32:36;4205382;mysql.exe;2900;Load Image;C:\Windows\System32\user32.dll;SUCCESS;Image Base: 0x77480000, Image Size: 0x9d000
16:32:36;4207289;mysql.exe;2900;Load Image;C:\Windows\System32\gdi32.dll;SUCCESS;Image Base: 0x76e80000, Image Size: 0x4b000
16:32:36;4209744;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\IPHLPAPI.DLL;FAST IO DISALLOWED;
16:32:36;4210774;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\IPHLPAPI.DLL;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4212255;mysql.exe;2900;QueryOpen;C:\Windows\System32\IPHLPAPI.DLL;FAST IO DISALLOWED;
16:32:36;4217537;mysql.exe;2900;CreateFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4218725;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:10, FileAttributes: A
16:32:36;4218827;mysql.exe;2900;CloseFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;
16:32:36;4220264;mysql.exe;2900;CreateFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4222378;mysql.exe;2900;CloseFile;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;
16:32:36;4224600;mysql.exe;2900;Load Image;C:\Windows\System32\IPHLPAPI.DLL;SUCCESS;Image Base: 0x75710000, Image Size: 0x19000
16:32:36;4230823;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\dhcpcsvc.DLL;FAST IO DISALLOWED;
16:32:36;4232494;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\dhcpcsvc.DLL;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4234159;mysql.exe;2900;QueryOpen;C:\Windows\System32\dhcpcsvc.dll;FAST IO DISALLOWED;
16:32:36;4235154;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4236586;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;CreationTime: 25-01-2010 10:11:46, LastAccessTime: 25-01-2010 10:11:46, LastWriteTime: 10-04-2009 23:28:20, ChangeTime: 25-01-2010 10:24:17, FileAttributes: A
16:32:36;4236687;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;
16:32:36;4238110;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4240154;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;
16:32:36;4241804;mysql.exe;2900;Load Image;C:\Windows\System32\dhcpcsvc.dll;SUCCESS;Image Base: 0x756d0000, Image Size: 0x35000
16:32:36;4243945;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\DNSAPI.dll;FAST IO DISALLOWED;
16:32:36;4244911;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\DNSAPI.dll;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4250424;mysql.exe;2900;QueryOpen;C:\Windows\System32\dnsapi.dll;FAST IO DISALLOWED;
16:32:36;4254859;mysql.exe;2900;CreateFile;C:\Windows\System32\dnsapi.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4256652;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\dnsapi.dll;SUCCESS;CreationTime: 25-01-2010 10:11:46, LastAccessTime: 25-01-2010 10:11:46, LastWriteTime: 10-04-2009 23:28:20, ChangeTime: 25-01-2010 10:24:08, FileAttributes: A
16:32:36;4256767;mysql.exe;2900;CloseFile;C:\Windows\System32\dnsapi.dll;SUCCESS;
16:32:36;4258177;mysql.exe;2900;CreateFile;C:\Windows\System32\dnsapi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4260374;mysql.exe;2900;CloseFile;C:\Windows\System32\dnsapi.dll;SUCCESS;
16:32:36;4262011;mysql.exe;2900;Load Image;C:\Windows\System32\dnsapi.dll;SUCCESS;Image Base: 0x75950000, Image Size: 0x2c000
16:32:36;4265104;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\Secur32.dll;FAST IO DISALLOWED;
16:32:36;4266152;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\Secur32.dll;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4267516;mysql.exe;2900;QueryOpen;C:\Windows\System32\secur32.dll;FAST IO DISALLOWED;
16:32:36;4268505;mysql.exe;2900;CreateFile;C:\Windows\System32\secur32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4269655;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\secur32.dll;SUCCESS;CreationTime: 25-01-2010 15:46:13, LastAccessTime: 25-01-2010 15:46:13, LastWriteTime: 15-06-2009 15:53:43, ChangeTime: 25-01-2010 16:24:57, FileAttributes: A
16:32:36;4269757;mysql.exe;2900;CloseFile;C:\Windows\System32\secur32.dll;SUCCESS;
16:32:36;4271110;mysql.exe;2900;CreateFile;C:\Windows\System32\secur32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4273109;mysql.exe;2900;CloseFile;C:\Windows\System32\secur32.dll;SUCCESS;
16:32:36;4274667;mysql.exe;2900;Load Image;C:\Windows\System32\secur32.dll;SUCCESS;Image Base: 0x75d00000, Image Size: 0x14000
16:32:36;4277121;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\WINNSI.DLL;FAST IO DISALLOWED;
16:32:36;4278117;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\WINNSI.DLL;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4279435;mysql.exe;2900;QueryOpen;C:\Windows\System32\winnsi.dll;FAST IO DISALLOWED;
16:32:36;4280610;mysql.exe;2900;CreateFile;C:\Windows\System32\winnsi.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4281875;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\winnsi.dll;SUCCESS;CreationTime: 25-01-2010 09:29:51, LastAccessTime: 25-01-2010 09:29:51, LastWriteTime: 18-01-2008 23:36:56, ChangeTime: 25-01-2010 09:58:40, FileAttributes: A
16:32:36;4281975;mysql.exe;2900;CloseFile;C:\Windows\System32\winnsi.dll;SUCCESS;
16:32:36;4283335;mysql.exe;2900;CreateFile;C:\Windows\System32\winnsi.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4285307;mysql.exe;2900;CloseFile;C:\Windows\System32\winnsi.dll;SUCCESS;
16:32:36;4286788;mysql.exe;2900;Load Image;C:\Windows\System32\winnsi.dll;SUCCESS;Image Base: 0x756c0000, Image Size: 0x7000
16:32:36;4288742;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\dhcpcsvc6.DLL;FAST IO DISALLOWED;
16:32:36;4289806;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\dhcpcsvc6.DLL;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4291134;mysql.exe;2900;QueryOpen;C:\Windows\System32\dhcpcsvc6.dll;FAST IO DISALLOWED;
16:32:36;4292188;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4292496;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;CreationTime: 25-01-2010 10:11:46, LastAccessTime: 25-01-2010 10:11:46, LastWriteTime: 10-04-2009 23:28:20, ChangeTime: 25-01-2010 10:24:08, FileAttributes: A
16:32:36;4292598;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;
16:32:36;4293980;mysql.exe;2900;CreateFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4295161;mysql.exe;2900;CloseFile;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;
16:32:36;4297413;mysql.exe;2900;Load Image;C:\Windows\System32\dhcpcsvc6.dll;SUCCESS;Image Base: 0x75690000, Image Size: 0x22000
16:32:36;4301631;mysql.exe;2900;QueryOpen;C:\Windows\System32\imm32.dll;FAST IO DISALLOWED;
16:32:36;4302630;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4303788;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:09, FileAttributes: A
16:32:36;4303892;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4305323;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4309056;mysql.exe;2900;Load Image;C:\Windows\System32\imm32.dll;SUCCESS;Image Base: 0x77930000, Image Size: 0x1e000
16:32:36;4309244;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4310962;mysql.exe;2900;QueryOpen;C:\Windows\System32\imm32.dll;FAST IO DISALLOWED;
16:32:36;4311977;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4313111;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:09, FileAttributes: A
16:32:36;4313208;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4314520;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4317672;mysql.exe;2900;Load Image;C:\Windows\System32\imm32.dll;SUCCESS;Image Base: 0x77930000, Image Size: 0x1e000
16:32:36;4317842;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4319301;mysql.exe;2900;QueryOpen;C:\Windows\System32\imm32.dll;FAST IO DISALLOWED;
16:32:36;4320381;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4321547;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:09, FileAttributes: A
16:32:36;4321647;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4323022;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4324996;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4326470;mysql.exe;2900;Load Image;C:\Windows\System32\imm32.dll;SUCCESS;Image Base: 0x77930000, Image Size: 0x1e000
16:32:36;4329021;mysql.exe;2900;Load Image;C:\Windows\System32\msctf.dll;SUCCESS;Image Base: 0x762a0000, Image Size: 0xc8000
16:32:36;4331816;mysql.exe;2900;QueryOpen;C:\Windows\System32\imm32.dll;FAST IO DISALLOWED;
16:32:36;4333090;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4334338;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:09, FileAttributes: A
16:32:36;4334442;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4336325;mysql.exe;2900;QueryOpen;C:\Windows\System32\imm32.dll;FAST IO DISALLOWED;
16:32:36;4337325;mysql.exe;2900;CreateFile;C:\Windows\System32\imm32.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4338462;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;CreationTime: 25-01-2010 10:11:37, LastAccessTime: 25-01-2010 10:11:37, LastWriteTime: 10-04-2009 23:28:22, ChangeTime: 25-01-2010 10:24:09, FileAttributes: A
16:32:36;4338562;mysql.exe;2900;CloseFile;C:\Windows\System32\imm32.dll;SUCCESS;
16:32:36;4339039;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Error Message Instrument;REPARSE;Desired Access: Read
16:32:36;4339292;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\Error Message Instrument;NAME NOT FOUND;Desired Access: Read
16:32:36;4339460;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize;SUCCESS;Desired Access: Read
16:32:36;4339751;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles;NAME NOT FOUND;Length: 20
16:32:36;4339902;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize;SUCCESS;
16:32:36;4340404;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Compatibility32;SUCCESS;Desired Access: Read
16:32:36;4340623;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32\mysql;NAME NOT FOUND;Length: 172
16:32:36;4340864;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32;SUCCESS;
16:32:36;4341012;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\IME Compatibility;NAME NOT FOUND;Desired Access: Read
16:32:36;4343379;mysql.exe;2900;Load Image;C:\Windows\System32\lpk.dll;SUCCESS;Image Base: 0x760a0000, Image Size: 0x9000
16:32:36;4345220;mysql.exe;2900;Load Image;C:\Windows\System32\usp10.dll;SUCCESS;Image Base: 0x779a0000, Image Size: 0x7d000
16:32:36;4348047;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows;SUCCESS;Desired Access: Read
16:32:36;4348317;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4348492;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows;SUCCESS;
16:32:36;4349068;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;4349272;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;4349473;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;REPARSE;Desired Access: Read
16:32:36;4349623;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;SUCCESS;Desired Access: Read
16:32:36;4349800;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\DnsClient;NAME NOT FOUND;Desired Access: Read
16:32:36;4349970;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DNS;REPARSE;Desired Access: Query Value
16:32:36;4350109;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DNS;NAME NOT FOUND;Desired Access: Query Value
16:32:36;4350276;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\QueryAdapterName;NAME NOT FOUND;Length: 144
16:32:36;4350412;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DisableAdapterDomainName;NAME NOT FOUND;Length: 144
16:32:36;4350564;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UseDomainNameDevolution;NAME NOT FOUND;Length: 144
16:32:36;4350675;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\UseDomainNameDevolution;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4350799;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DomainNameDevolutionLevel;NAME NOT FOUND;Length: 144
16:32:36;4350910;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\PrioritizeRecordData;NAME NOT FOUND;Length: 144
16:32:36;4351020;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\PrioritizeRecordData;NAME NOT FOUND;Length: 144
16:32:36;4351133;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\AllowUnqualifiedQuery;NAME NOT FOUND;Length: 144
16:32:36;4351241;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\AllowUnqualifiedQuery;NAME NOT FOUND;Length: 144
16:32:36;4351352;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\AppendToMultiLabelName;NAME NOT FOUND;Length: 144
16:32:36;4351461;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ScreenBadTlds;NAME NOT FOUND;Length: 144
16:32:36;4351571;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ScreenUnreachableServers;NAME NOT FOUND;Length: 144
16:32:36;4351684;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ScreenDefaultServers;NAME NOT FOUND;Length: 144
16:32:36;4351794;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DynamicServerQueryOrder;NAME NOT FOUND;Length: 144
16:32:36;4351903;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\FilterClusterIp;NAME NOT FOUND;Length: 144
16:32:36;4352016;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\WaitForNameErrorOnAll;NAME NOT FOUND;Length: 144
16:32:36;4352130;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UseEdns;NAME NOT FOUND;Length: 144
16:32:36;4352243;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\QueryIpMatching;NAME NOT FOUND;Length: 144
16:32:36;4352355;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UseHostsFile;NAME NOT FOUND;Length: 144
16:32:36;4352467;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\AddrConfigControl;NAME NOT FOUND;Length: 144
16:32:36;4352580;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegistrationEnabled;NAME NOT FOUND;Length: 144
16:32:36;4352697;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DisableDynamicUpdate;NAME NOT FOUND;Length: 144
16:32:36;4352814;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegisterPrimaryName;NAME NOT FOUND;Length: 144
16:32:36;4352924;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegisterAdapterName;NAME NOT FOUND;Length: 144
16:32:36;4353089;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\EnableAdapterDomainNameRegistration;NAME NOT FOUND;Length: 144
16:32:36;4353217;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegisterReverseLookup;NAME NOT FOUND;Length: 144
16:32:36;4353334;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DisableReverseAddressRegistrations;NAME NOT FOUND;Length: 144
16:32:36;4353454;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegisterWanAdapters;NAME NOT FOUND;Length: 144
16:32:36;4353567;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DisableWanDynamicUpdate;NAME NOT FOUND;Length: 144
16:32:36;4353681;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegistrationTtl;NAME NOT FOUND;Length: 144
16:32:36;4353795;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationTTL;NAME NOT FOUND;Length: 144
16:32:36;4353915;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegistrationRefreshInterval;NAME NOT FOUND;Length: 144
16:32:36;4354022;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DefaultRegistrationRefreshInterval;NAME NOT FOUND;Length: 144
16:32:36;4354140;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegistrationMaxAddressCount;NAME NOT FOUND;Length: 144
16:32:36;4354249;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxNumberOfAddressesToRegister;NAME NOT FOUND;Length: 144
16:32:36;4354366;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UpdateSecurityLevel;NAME NOT FOUND;Length: 144
16:32:36;4354527;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\UpdateSecurityLevel;NAME NOT FOUND;Length: 144
16:32:36;4354644;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UpdateTopLevelDomainZones;NAME NOT FOUND;Length: 144
16:32:36;4354802;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DowncaseSpnCauseApiOwnerIsTooLazy;NAME NOT FOUND;Length: 144
16:32:36;4355059;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\RegistrationOverwrite;NAME NOT FOUND;Length: 144
16:32:36;4355233;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheSize;NAME NOT FOUND;Length: 144
16:32:36;4355349;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MaxCacheTtl;NAME NOT FOUND;Length: 144
16:32:36;4355460;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MaxNegativeCacheTtl;NAME NOT FOUND;Length: 144
16:32:36;4355570;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\AdapterTimeoutLimit;NAME NOT FOUND;Length: 144
16:32:36;4355781;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ServerPriorityTimeLimit;NAME NOT FOUND;Length: 144
16:32:36;4355953;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MaxCachedSockets;NAME NOT FOUND;Length: 144
16:32:36;4356064;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\EnableMulticast;NAME NOT FOUND;Length: 144
16:32:36;4356175;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MulticastResponderFlags;NAME NOT FOUND;Length: 144
16:32:36;4356286;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderFlags;NAME NOT FOUND;Length: 144
16:32:36;4356396;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\MulticastSenderMaxTimeout;NAME NOT FOUND;Length: 144
16:32:36;4356507;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DnsTest;NAME NOT FOUND;Length: 144
16:32:36;4356615;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UseCompartments;NAME NOT FOUND;Length: 144
16:32:36;4356722;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\CacheAllCompartments;NAME NOT FOUND;Length: 144
16:32:36;4356832;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\UseNewRegistration;NAME NOT FOUND;Length: 144
16:32:36;4356939;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistration;NAME NOT FOUND;Length: 144
16:32:36;4357047;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\ResolverRegistrationOnly;NAME NOT FOUND;Length: 144
16:32:36;4357157;mysql.exe;2900;RegOpenKey;HKLM\System\Setup;SUCCESS;Desired Access: Query Value
16:32:36;4357328;mysql.exe;2900;RegQueryValue;HKLM\SYSTEM\Setup\SystemSetupInProgress;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4357452;mysql.exe;2900;RegCloseKey;HKLM\SYSTEM\Setup;SUCCESS;
16:32:36;4357565;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DnsQueryTimeouts;NAME NOT FOUND;Length: 144
16:32:36;4357679;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQueryTimeouts;NAME NOT FOUND;Length: 144
16:32:36;4357793;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters\DnsQuickQueryTimeouts;NAME NOT FOUND;Length: 144
16:32:36;4357901;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DnsQuickQueryTimeouts;NAME NOT FOUND;Length: 144
16:32:36;4358017;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;4358121;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters;SUCCESS;
16:32:36;4361022;mysql.exe;2900;QueryOpen;C:\Windows\System32\NapiNSP.dll;FAST IO DISALLOWED;
16:32:36;4362016;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4363172;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;CreationTime: 25-01-2010 09:30:29, LastAccessTime: 25-01-2010 09:30:29, LastWriteTime: 18-01-2008 23:35:36, ChangeTime: 25-01-2010 09:58:48, FileAttributes: A
16:32:36;4363273;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4364566;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4368021;mysql.exe;2900;Load Image;C:\Windows\System32\NapiNSP.dll;SUCCESS;Image Base: 0x74140000, Image Size: 0xf000
16:32:36;4368213;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4369893;mysql.exe;2900;QueryOpen;C:\Windows\System32\NapiNSP.dll;FAST IO DISALLOWED;
16:32:36;4371154;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4372309;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;CreationTime: 25-01-2010 09:30:29, LastAccessTime: 25-01-2010 09:30:29, LastWriteTime: 18-01-2008 23:35:36, ChangeTime: 25-01-2010 09:58:48, FileAttributes: A
16:32:36;4372407;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4373782;mysql.exe;2900;CreateFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4375948;mysql.exe;2900;CloseFile;C:\Windows\System32\NapiNSP.dll;SUCCESS;
16:32:36;4377448;mysql.exe;2900;Load Image;C:\Windows\System32\NapiNSP.dll;SUCCESS;Image Base: 0x74140000, Image Size: 0xf000
16:32:36;4379178;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Rpc;SUCCESS;Desired Access: Read
16:32:36;4379449;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Rpc\MaxRpcSize;NAME NOT FOUND;Length: 144
16:32:36;4381481;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Rpc;SUCCESS;
16:32:36;4381842;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName;REPARSE;Desired Access: Read
16:32:36;4382015;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName;SUCCESS;Desired Access: Read
16:32:36;4382209;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName;SUCCESS;Desired Access: Read
16:32:36;4382378;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName;SUCCESS;Type: REG_SZ, Length: 26, Data: ERWINSLAPTOP
16:32:36;4382578;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName;SUCCESS;
16:32:36;4382696;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\ComputerName;SUCCESS;
16:32:36;4382816;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\Rpc;NAME NOT FOUND;Desired Access: Read
16:32:36;4383111;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\SQMClient\Windows;NAME NOT FOUND;Desired Access: Read
16:32:36;4383259;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\SQMClient\Windows;SUCCESS;Desired Access: Read
16:32:36;4383490;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\SQMClient\Windows\CEIPEnable;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4383630;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\SQMClient\Windows;SUCCESS;
16:32:36;4384176;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName;REPARSE;Desired Access: Read
16:32:36;4384322;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName;SUCCESS;Desired Access: Read
16:32:36;4384487;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName;SUCCESS;Desired Access: Read
16:32:36;4384637;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName\ComputerName;SUCCESS;Type: REG_SZ, Length: 26, Data: ERWINSLAPTOP
16:32:36;4384769;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName;SUCCESS;
16:32:36;4384888;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\ComputerName;SUCCESS;
16:32:36;4385873;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\Rpc;NAME NOT FOUND;Desired Access: Read
16:32:36;4392970;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4394070;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4395383;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4395487;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4397038;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4400542;mysql.exe;2900;Load Image;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Image Base: 0x74100000, Image Size: 0x12000
16:32:36;4400722;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4402518;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4403563;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4404728;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4404830;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4413105;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4415705;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4417750;mysql.exe;2900;Load Image;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Image Base: 0x74100000, Image Size: 0x12000
16:32:36;4422071;mysql.exe;2900;QueryOpen;C:\Windows\System32\pnrpnsp.dll;FAST IO DISALLOWED;
16:32:36;4423387;mysql.exe;2900;CreateFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4424620;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;CreationTime: 25-01-2010 09:30:12, LastAccessTime: 25-01-2010 09:30:12, LastWriteTime: 18-01-2008 23:36:08, ChangeTime: 25-01-2010 09:58:59, FileAttributes: A
16:32:36;4424785;mysql.exe;2900;CloseFile;C:\Windows\System32\pnrpnsp.dll;SUCCESS;
16:32:36;4426617;mysql.exe;2900;QueryOpen;C:\Windows\System32\mswsock.dll;FAST IO DISALLOWED;
16:32:36;4427796;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4428975;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;CreationTime: 25-01-2010 10:11:39, LastAccessTime: 25-01-2010 10:11:39, LastWriteTime: 10-04-2009 23:28:24, ChangeTime: 25-01-2010 10:24:16, FileAttributes: A
16:32:36;4429072;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;4430357;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4433563;mysql.exe;2900;Load Image;C:\Windows\System32\mswsock.dll;SUCCESS;Image Base: 0x75450000, Image Size: 0x3b000
16:32:36;4433734;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;4435075;mysql.exe;2900;QueryOpen;C:\Windows\System32\mswsock.dll;FAST IO DISALLOWED;
16:32:36;4436075;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4437189;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;CreationTime: 25-01-2010 10:11:39, LastAccessTime: 25-01-2010 10:11:39, LastWriteTime: 10-04-2009 23:28:24, ChangeTime: 25-01-2010 10:24:16, FileAttributes: A
16:32:36;4437284;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;4438560;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4440499;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;4441920;mysql.exe;2900;Load Image;C:\Windows\System32\mswsock.dll;SUCCESS;Image Base: 0x75450000, Image Size: 0x3b000
16:32:36;4443574;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;4443848;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;4444058;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;REPARSE;Desired Access: Read
16:32:36;4444222;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;SUCCESS;Desired Access: Read
16:32:36;4444396;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\DnsClient;NAME NOT FOUND;Desired Access: Read
16:32:36;4444576;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname;SUCCESS;Type: REG_SZ, Length: 26, Data: erwinslaptop
16:32:36;4444773;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname;SUCCESS;Type: REG_SZ, Length: 26, Data: erwinslaptop
16:32:36;4444907;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;4445025;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters;SUCCESS;
16:32:36;4445257;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;4445413;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;4445591;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;REPARSE;Desired Access: Read
16:32:36;4445742;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;SUCCESS;Desired Access: Read
16:32:36;4445906;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\DnsClient;NAME NOT FOUND;Desired Access: Read
16:32:36;4446050;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname;SUCCESS;Type: REG_SZ, Length: 26, Data: erwinslaptop
16:32:36;4446185;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Hostname;SUCCESS;Type: REG_SZ, Length: 26, Data: erwinslaptop
16:32:36;4446312;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;4446422;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters;SUCCESS;
16:32:36;4446581;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;4446728;mysql.exe;2900;RegCreateKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;4446881;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;REPARSE;Desired Access: Read
16:32:36;4447015;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\DnsCache\Parameters;SUCCESS;Desired Access: Read
16:32:36;4447165;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows NT\DnsClient;NAME NOT FOUND;Desired Access: Read
16:32:36;4447293;mysql.exe;2900;RegOpenKey;HKLM\Software\Policies\Microsoft\System\DNSClient;NAME NOT FOUND;Desired Access: Query Value
16:32:36;4447443;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Domain;SUCCESS;Type: REG_SZ, Length: 2, Data: 
16:32:36;4447598;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Domain;SUCCESS;Type: REG_SZ, Length: 2, Data: 
16:32:36;4447816;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;4447923;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Dnscache\Parameters;SUCCESS;
16:32:36;4449635;mysql.exe;2900;QueryOpen;C:\Windows\System32\winrnr.dll;FAST IO DISALLOWED;
16:32:36;4450850;mysql.exe;2900;CreateFile;C:\Windows\System32\winrnr.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4452066;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\winrnr.dll;SUCCESS;CreationTime: 25-01-2010 10:11:27, LastAccessTime: 25-01-2010 10:11:27, LastWriteTime: 10-04-2009 23:28:26, ChangeTime: 25-01-2010 10:24:18, FileAttributes: A
16:32:36;4452164;mysql.exe;2900;CloseFile;C:\Windows\System32\winrnr.dll;SUCCESS;
16:32:36;4453487;mysql.exe;2900;CreateFile;C:\Windows\System32\winrnr.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4456715;mysql.exe;2900;Load Image;C:\Windows\System32\winrnr.dll;SUCCESS;Image Base: 0x74130000, Image Size: 0x8000
16:32:36;4456899;mysql.exe;2900;CloseFile;C:\Windows\System32\winrnr.dll;SUCCESS;
16:32:36;4458296;mysql.exe;2900;QueryOpen;C:\Windows\System32\winrnr.dll;FAST IO DISALLOWED;
16:32:36;4459302;mysql.exe;2900;CreateFile;C:\Windows\System32\winrnr.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4460421;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\winrnr.dll;SUCCESS;CreationTime: 25-01-2010 10:11:27, LastAccessTime: 25-01-2010 10:11:27, LastWriteTime: 10-04-2009 23:28:26, ChangeTime: 25-01-2010 10:24:18, FileAttributes: A
16:32:36;4460518;mysql.exe;2900;CloseFile;C:\Windows\System32\winrnr.dll;SUCCESS;
16:32:36;4461800;mysql.exe;2900;CreateFile;C:\Windows\System32\winrnr.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4463721;mysql.exe;2900;CloseFile;C:\Windows\System32\winrnr.dll;SUCCESS;
16:32:36;4465147;mysql.exe;2900;Load Image;C:\Windows\System32\winrnr.dll;SUCCESS;Image Base: 0x74130000, Image Size: 0x8000
16:32:36;4470894;mysql.exe;2900;Load Image;C:\Windows\System32\Wldap32.dll;SUCCESS;Image Base: 0x77950000, Image Size: 0x49000
16:32:36;4472846;mysql.exe;2900;Load Image;C:\Windows\System32\psapi.dll;SUCCESS;Image Base: 0x75e60000, Image Size: 0x7000
16:32:36;4474446;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\LDAP;REPARSE;Desired Access: Read
16:32:36;4474684;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\LDAP;SUCCESS;Desired Access: Read
16:32:36;4474904;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\ldap\LdapClientIntegrity;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;4475052;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\ldap;SUCCESS;
16:32:36;4475612;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcp\VParameters;REPARSE;Desired Access: Read
16:32:36;4475778;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcp\VParameters;NAME NOT FOUND;Desired Access: Read
16:32:36;4475945;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcp\Parameters;REPARSE;Desired Access: Read
16:32:36;4476081;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcp\Parameters;NAME NOT FOUND;Desired Access: Read
16:32:36;4476226;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;REPARSE;Desired Access: Read
16:32:36;4476365;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;Desired Access: Read
16:32:36;4476572;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\DatabasePath;SUCCESS;Type: REG_EXPAND_SZ, Length: 68, Data: %SystemRoot%\System32\drivers\etc
16:32:36;4476753;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters;SUCCESS;
16:32:36;4478269;mysql.exe;2900;CreateFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;4479343;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Offset: 0, Length: 4.096
16:32:36;4482284;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Offset: 4.096, Length: 4.096
16:32:36;4483331;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Offset: 8.192, Length: 4.096
16:32:36;4484269;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Offset: 12.288, Length: 4.096
16:32:36;4485137;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;SUCCESS;Offset: 16.384, Length: 860
16:32:36;4485486;mysql.exe;2900;ReadFile;C:\Windows\System32\drivers\etc\services;END OF FILE;Offset: 17.244, Length: 4.096
16:32:36;4485689;mysql.exe;2900;CloseFile;C:\Windows\System32\drivers\etc\services;SUCCESS;
16:32:36;4485957;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;REPARSE;Desired Access: All Access
16:32:36;4486152;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;ACCESS DENIED;Desired Access: All Access
16:32:36;4486562;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;REPARSE;Desired Access: Read
16:32:36;4486713;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;SUCCESS;Desired Access: Read
16:32:36;4486904;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version;SUCCESS;Type: REG_SZ, Length: 8, Data: 2.0
16:32:36;4487052;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\WinSock_Registry_Version;SUCCESS;Type: REG_SZ, Length: 8, Data: 2.0
16:32:36;4487224;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\AutodialDLL;NAME NOT FOUND;Length: 144
16:32:36;4488812;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters;SUCCESS;
16:32:36;4490216;mysql.exe;2900;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\rasadhlp.dll;FAST IO DISALLOWED;
16:32:36;4491219;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\rasadhlp.dll;NAME NOT FOUND;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4492573;mysql.exe;2900;QueryOpen;C:\Windows\System32\rasadhlp.dll;FAST IO DISALLOWED;
16:32:36;4493666;mysql.exe;2900;CreateFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4495014;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;CreationTime: 02-11-2006 09:58:15, LastAccessTime: 02-11-2006 11:43:10, LastWriteTime: 02-11-2006 10:46:12, ChangeTime: 25-01-2010 09:35:50, FileAttributes: A
16:32:36;4495116;mysql.exe;2900;CloseFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;
16:32:36;4496575;mysql.exe;2900;CreateFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4498607;mysql.exe;2900;CloseFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;
16:32:36;4500286;mysql.exe;2900;Load Image;C:\Windows\System32\rasadhlp.dll;SUCCESS;Image Base: 0x74150000, Image Size: 0x6000
16:32:36;4506012;mysql.exe;2900;QueryOpen;C:\Windows\System32\mswsock.dll;FAST IO DISALLOWED;
16:32:36;4507426;mysql.exe;2900;CreateFile;C:\Windows\System32\mswsock.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4508616;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;CreationTime: 25-01-2010 10:11:39, LastAccessTime: 25-01-2010 10:11:39, LastWriteTime: 10-04-2009 23:28:24, ChangeTime: 25-01-2010 10:24:16, FileAttributes: A
16:32:36;4508714;mysql.exe;2900;CloseFile;C:\Windows\System32\mswsock.dll;SUCCESS;
16:32:36;4509330;mysql.exe;2900;RegOpenKey;HKLM\SYSTEM\CurrentControlSet\Services\Winsock\Parameters;REPARSE;Desired Access: Read
16:32:36;4509541;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Winsock\Parameters;SUCCESS;Desired Access: Read
16:32:36;4509753;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Winsock\Parameters\Transports;SUCCESS;Type: REG_MULTI_SZ, Length: 58, Data: Tcpip6, Tcpip, Psched, NetBIOS
16:32:36;4510052;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Winsock\Parameters\Transports;SUCCESS;Type: REG_MULTI_SZ, Length: 58, Data: Tcpip6, Tcpip, Psched, NetBIOS
16:32:36;4510179;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Winsock\Parameters;SUCCESS;
16:32:36;4510306;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\Winsock;REPARSE;Desired Access: Read
16:32:36;4510483;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\Winsock;SUCCESS;Desired Access: Read
16:32:36;4510680;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\Winsock\Mapping;SUCCESS;Type: REG_BINARY, Length: 104, Data: 08 00 00 00 03 00 00 00 17 00 00 00 01 00 00 00
16:32:36;4510817;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\Winsock\Mapping;SUCCESS;Type: REG_BINARY, Length: 104, Data: 08 00 00 00 03 00 00 00 17 00 00 00 01 00 00 00
16:32:36;4510939;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\Winsock;SUCCESS;
16:32:36;4511058;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;REPARSE;Desired Access: Read
16:32:36;4511215;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;SUCCESS;Desired Access: Read
16:32:36;4511401;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\Mapping;SUCCESS;Type: REG_BINARY, Length: 104, Data: 08 00 00 00 03 00 00 00 02 00 00 00 01 00 00 00
16:32:36;4511535;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\Mapping;SUCCESS;Type: REG_BINARY, Length: 104, Data: 08 00 00 00 03 00 00 00 02 00 00 00 01 00 00 00
16:32:36;4511655;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;SUCCESS;
16:32:36;4511762;mysql.exe;2900;RegOpenKey;HKLM\SYSTEM\CurrentControlSet\Services\Winsock\Setup Migration\Providers;REPARSE;Desired Access: Read
16:32:36;4511912;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers;SUCCESS;Desired Access: Read
16:32:36;4512100;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Tcpip;SUCCESS;Desired Access: Read
16:32:36;4512260;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Tcpip\WinSock 2.0 Provider ID;SUCCESS;Type: REG_BINARY, Length: 16, Data: A0 1A 0F E7 8B AB CF 11 8C A3 00 80 5F 48 A1 92
16:32:36;4512398;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers\Tcpip;SUCCESS;
16:32:36;4512512;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Winsock\Setup Migration\Providers;SUCCESS;
16:32:36;4512636;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;REPARSE;Desired Access: Read
16:32:36;4512786;mysql.exe;2900;RegOpenKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;SUCCESS;Desired Access: Read
16:32:36;4512955;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\MinSockaddrLength;SUCCESS;Type: REG_DWORD, Length: 4, Data: 16
16:32:36;4513082;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\MaxSockaddrLength;SUCCESS;Type: REG_DWORD, Length: 4, Data: 16
16:32:36;4513202;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\UseDelayedAcceptance;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;4513323;mysql.exe;2900;RegQueryValue;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock\HelperDllName;SUCCESS;Type: REG_EXPAND_SZ, Length: 70, Data: %SystemRoot%\System32\wshtcpip.dll
16:32:36;4514877;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;4516058;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4517371;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;4517470;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4518958;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4522664;mysql.exe;2900;Load Image;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Image Base: 0x75150000, Image Size: 0x5000
16:32:36;4522882;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4524425;mysql.exe;2900;QueryOpen;C:\Windows\System32\WSHTCPIP.DLL;FAST IO DISALLOWED;
16:32:36;4525492;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4526989;mysql.exe;2900;QueryBasicInformationFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;CreationTime: 25-01-2010 09:29:50, LastAccessTime: 25-01-2010 09:29:50, LastWriteTime: 18-01-2008 23:37:12, ChangeTime: 25-01-2010 09:58:51, FileAttributes: A
16:32:36;4527155;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4528731;mysql.exe;2900;CreateFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;4530831;mysql.exe;2900;CloseFile;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;
16:32:36;4532236;mysql.exe;2900;Load Image;C:\Windows\System32\WSHTCPIP.DLL;SUCCESS;Image Base: 0x75150000, Image Size: 0x5000
16:32:36;4532833;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Winsock;SUCCESS;
16:32:36;4533290;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows\Windows Error Reporting\Escalation;NAME NOT FOUND;Desired Access: Read
16:32:36;4534350;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\SQMClient\Windows\DisabledSessions;SUCCESS;Desired Access: Read
16:32:36;4534690;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions\GlobalSession;NAME NOT FOUND;Length: 20
16:32:36;4534816;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\SQMClient\Windows\DisabledSessions;SUCCESS;
16:32:36;4541312;mysql.exe;2900;TCP Connect;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 0, mss: 1460, sackopt: 1, tsopt: 0, wsopt: 1, rcvwin: 8192, rcvwinscale: 2, sndwinscale: 8, seqnum: 0, connid: 0
16:32:36;4546171;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 70, seqnum: 0, connid: 0
16:32:36;4551318;mysql.exe;2900;CreateFile;C:\Program Files\MySQL\MySQL Server 5.1\share\charsets\;PATH NOT FOUND;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
16:32:36;4553759;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 62, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4555128;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4556984;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 37, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4558779;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 99, seqnum: 0, connid: 0
16:32:36;4559646;mysql.exe;2900;ReadFile;D:\Dump20100219\drupal_dss_access.sql;SUCCESS;Offset: 0, Length: 2.104
16:32:36;4561192;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 82, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4568463;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4570000;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 22, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4571250;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 64, seqnum: 0, connid: 0
16:32:36;4572697;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4581848;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4583334;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 58, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4584330;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4585724;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 7, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4586680;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4588091;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 43, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4589040;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4590457;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 62, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4591435;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4592824;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 39, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4593772;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4595218;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 69, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4596578;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4598056;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 71, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4599009;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4600334;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 69, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4601284;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4602590;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 31, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4603463;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4604773;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 47, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4605655;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4608088;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 39, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4609019;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4610329;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 72, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4611293;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4612609;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 87, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4613521;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4614858;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 79, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4615888;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4617327;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 60, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4618254;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4619560;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 7, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4620323;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4621615;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 46, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4622376;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4623662;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 7, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4624416;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4625721;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 38, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4661022;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4662509;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 66, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4663565;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4664886;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 48, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;4665834;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;4667308;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 262, startime: 10327214, endtime: 10327214, seqnum: 0, connid: 0
16:32:36;5226645;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5228582;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 60, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5229944;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5231297;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 7, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5232089;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5233387;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 43, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5234147;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5235433;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 7, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5236213;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5237526;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 35, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5272673;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5274143;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 54, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5293751;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5295326;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 53, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5307464;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5308954;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 18, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5312197;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5313637;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 45, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5314832;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5316279;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 43, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5317621;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5319082;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 63, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5320143;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5321553;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 53, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5322645;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5324894;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 67, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5326399;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5327742;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 69, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5328669;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5329986;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 67, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5330870;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5332176;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 45, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5333033;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5334338;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 45, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5335133;mysql.exe;2900;TCP Receive;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 11, seqnum: 0, connid: 0
16:32:36;5335486;mysql.exe;2900;ReadFile;D:\Dump20100219\drupal_dss_access.sql;END OF FILE;Offset: 2.104, Length: 4.096
16:32:36;5336727;mysql.exe;2900;TCP Send;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 5, startime: 10327215, endtime: 10327215, seqnum: 0, connid: 0
16:32:36;5337503;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9;SUCCESS;
16:32:36;5337748;mysql.exe;2900;TCP Disconnect;erwinslaptop:49409 -> erwinslaptop:3306;SUCCESS;Length: 0, seqnum: 0, connid: 0
16:32:36;5340476;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5;SUCCESS;
16:32:36;5341658;mysql.exe;2900;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize;SUCCESS;Desired Access: Read
16:32:36;5342012;mysql.exe;2900;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles;NAME NOT FOUND;Length: 20
16:32:36;5342158;mysql.exe;2900;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize;SUCCESS;
16:32:36;5342670;mysql.exe;2900;Thread Exit;;SUCCESS;User Time: 0.0000000, Kernel Time: 0.0936006
16:32:36;5353549;mysql.exe;2900;QueryNameInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe;SUCCESS;Name: \Program Files\MySQL\MySQL Workbench 5.2 OSS\mysql.exe
16:32:36;5354024;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\rasadhlp.dll;SUCCESS;Name: \Windows\System32\rasadhlp.dll
16:32:36;5354429;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\wsock32.dll;SUCCESS;Name: \Windows\System32\wsock32.dll
16:32:36;5354784;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\mswsock.dll;SUCCESS;Name: \Windows\System32\mswsock.dll
16:32:36;5355105;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\dnsapi.dll;SUCCESS;Name: \Windows\System32\dnsapi.dll
16:32:36;5355393;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\ws2_32.dll;SUCCESS;Name: \Windows\System32\ws2_32.dll
16:32:36;5355686;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\lpk.dll;SUCCESS;Name: \Windows\System32\lpk.dll
16:32:36;5355987;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;Name: \Windows\System32\msvcrt.dll
16:32:36;5356276;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\msctf.dll;SUCCESS;Name: \Windows\System32\msctf.dll
16:32:36;5356589;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\gdi32.dll;SUCCESS;Name: \Windows\System32\gdi32.dll
16:32:36;5356909;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;Name: \Windows\System32\rpcrt4.dll
16:32:36;5357204;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;Name: \Windows\System32\kernel32.dll
16:32:36;5357493;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\user32.dll;SUCCESS;Name: \Windows\System32\user32.dll
16:32:36;5357785;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;Name: \Windows\System32\advapi32.dll
16:32:36;5358095;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;Name: \Windows\System32\ntdll.dll
16:32:36;5358387;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\nsi.dll;SUCCESS;Name: \Windows\System32\nsi.dll
16:32:36;5358677;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\imm32.dll;SUCCESS;Name: \Windows\System32\imm32.dll
16:32:36;5358975;mysql.exe;2900;QueryNameInformationFile;C:\Windows\System32\usp10.dll;SUCCESS;Name: \Windows\System32\usp10.dll
16:32:36;5360159;mysql.exe;2900;Process Exit;;SUCCESS;Exit Status: 0, User Time: 0.0000000, Kernel Time: 0.0936006, Private Bytes: 2.351.104, Peak Private Bytes: 2.531.328, Working Set: 3.514.368, Peak Working Set: 3.870.720
16:32:36;5360299;mysql.exe;2900;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;5361505;mysql.exe;2900;RegCloseKey;HKLM;SUCCESS;
16:32:36;5361663;mysql.exe;2900;RegCloseKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;
16:32:36;5366606;cmd.exe;6104;CloseFile;D:\Dump20100219\drupal_dss_access.sql;SUCCESS;
16:32:36;5368658;cmd.exe;6104;Thread Exit;;SUCCESS;User Time: 0.0000000, Kernel Time: 0.0000000
16:32:36;5377322;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;5377726;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;Name: \Windows\System32\apphelp.dll
16:32:36;5378042;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;Name: \Windows\System32\msvcrt.dll
16:32:36;5378336;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;Name: \Windows\System32\rpcrt4.dll
16:32:36;5378631;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;Name: \Windows\System32\kernel32.dll
16:32:36;5378926;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;Name: \Windows\System32\advapi32.dll
16:32:36;5379239;cmd.exe;6104;QueryNameInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;Name: \Windows\System32\ntdll.dll
16:32:36;5381149;cmd.exe;6104;Process Exit;;SUCCESS;Exit Status: 0, User Time: 0.0000000, Kernel Time: 0.0000000, Private Bytes: 1.671.168, Peak Private Bytes: 1.679.360, Working Set: 1.921.024, Peak Working Set: 1.970.176
16:32:36;5381340;cmd.exe;6104;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;5381951;cmd.exe;6104;RegCloseKey;HKLM;SUCCESS;
16:32:36;5382133;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;SUCCESS;
16:32:36;5382492;cmd.exe;6104;RegCloseKey;HKCU;SUCCESS;
16:32:36;5382622;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;SUCCESS;
16:32:36;5382740;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;SUCCESS;
16:32:36;5382847;cmd.exe;6104;RegCloseKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;
16:32:36;5382999;cmd.exe;6104;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion;SUCCESS;
16:32:36;5383161;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags;SUCCESS;
16:32:36;5383291;cmd.exe;6104;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options;SUCCESS;
16:32:36;5398306;MySQLWorkbench.exe;3404;CreateFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Desired Access: Read Attributes, Delete, Disposition: Open, Options: Non-Directory File, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;5398682;MySQLWorkbench.exe;3404;QueryAttributeTagFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Attributes: ANCI, ReparseTag: 0x0
16:32:36;5398851;MySQLWorkbench.exe;3404;SetDispositionInformationFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;Delete: True
16:32:36;5399201;MySQLWorkbench.exe;3404;CloseFile;C:\Users\erwin\AppData\Local\Temp\tmpystmgt;SUCCESS;
16:32:36;5402806;MySQLWorkbench.exe;3404;Thread Exit;;SUCCESS;User Time: 0.0156001, Kernel Time: 0.0000000
16:32:36;6920108;MySQLWorkbench.exe;3404;QueryOpen;C:\Windows\System32\cmd.exe;FAST IO DISALLOWED;
16:32:36;6921103;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;6922250;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;6922349;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;6923635;MySQLWorkbench.exe;3404;QueryOpen;C:\Windows\System32\cmd.exe;FAST IO DISALLOWED;
16:32:36;6924582;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;6925675;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;6925767;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;6927232;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\System32\cmd.exe;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;6929529;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe;NAME NOT FOUND;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;6929913;MySQLWorkbench.exe;3404;QuerySecurityFile;C:\Windows\System32\cmd.exe;SUCCESS;Information: 0x10
16:32:36;6931098;MySQLWorkbench.exe;3404;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;6932255;MySQLWorkbench.exe;3404;Process Create;C:\Windows\system32\cmd.exe;SUCCESS;PID: 5892, Command line: C:\Windows\system32\cmd.exe /c sc query mysql 
16:32:36;6932280;cmd.exe;5892;Process Start;;SUCCESS;Parent PID: 3404
16:32:36;6932308;cmd.exe;5892;Thread Create;;SUCCESS;Thread ID: 5232
16:32:36;6932619;MySQLWorkbench.exe;3404;QuerySecurityFile;C:\Windows\System32\cmd.exe;SUCCESS;Information: Owner, Group, DACL, SACL, 0x10
16:32:36;6932760;MySQLWorkbench.exe;3404;QueryBasicInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;CreationTime: 25-01-2010 09:30:05, LastAccessTime: 25-01-2010 09:30:05, LastWriteTime: 18-01-2008 23:33:06, ChangeTime: 25-01-2010 09:58:58, FileAttributes: A
16:32:36;6932980;MySQLWorkbench.exe;3404;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;Desired Access: Query Value
16:32:36;6933254;MySQLWorkbench.exe;3404;RegQueryValue;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\system32\cmd.exe;NAME NOT FOUND;Length: 16
16:32:36;6933414;MySQLWorkbench.exe;3404;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;
16:32:36;6933569;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\cmd.exe;NAME NOT FOUND;Desired Access: Query Value
16:32:36;6933757;MySQLWorkbench.exe;3404;RegOpenKey;HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide;SUCCESS;Desired Access: Read
16:32:36;6933954;MySQLWorkbench.exe;3404;RegQueryValue;HKLM\COMPONENTS\PreferExternalManifest;NAME NOT FOUND;Length: 20
16:32:36;6934063;MySQLWorkbench.exe;3404;RegCloseKey;HKLM\COMPONENTS;SUCCESS;
16:32:36;6938981;MySQLWorkbench.exe;3404;CreateFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
16:32:36;6940595;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;6940802;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;6941217;MySQLWorkbench.exe;3404;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;6941815;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;
16:32:36;6942185;MySQLWorkbench.exe;3404;CloseFile;C:\Windows\System32\cmd.exe;SUCCESS;
16:32:36;6943921;cmd.exe;5892;Load Image;C:\Windows\System32\cmd.exe;SUCCESS;Image Base: 0x4ab10000, Image Size: 0x50000
16:32:36;6945386;cmd.exe;5892;Load Image;C:\Windows\System32\ntdll.dll;SUCCESS;Image Base: 0x777c0000, Image Size: 0x127000
16:32:36;6947749;cmd.exe;5892;CreateFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
16:32:36;6948055;cmd.exe;5892;QueryStandardInformationFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;AllocationSize: 8.192, EndOfFile: 6.410, NumberOfLinks: 1, DeletePending: False, Directory: False
16:32:36;6948243;cmd.exe;5892;ReadFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;Offset: 0, Length: 6.410, Priority: Normal
16:32:36;6948525;cmd.exe;5892;CloseFile;C:\Windows\Prefetch\CMD.EXE-0BD30981.pf;SUCCESS;
16:32:36;6951454;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
16:32:36;6953466;cmd.exe;5892;Load Image;C:\Windows\System32\kernel32.dll;SUCCESS;Image Base: 0x77180000, Image Size: 0xdc000
16:32:36;7004429;cmd.exe;5892;Load Image;C:\Windows\System32\advapi32.dll;SUCCESS;Image Base: 0x776f0000, Image Size: 0xc6000
16:32:36;7008189;cmd.exe;5892;Load Image;C:\Windows\System32\rpcrt4.dll;SUCCESS;Image Base: 0x77020000, Image Size: 0xc3000
16:32:36;7011499;cmd.exe;5892;Load Image;C:\Windows\System32\msvcrt.dll;SUCCESS;Image Base: 0x761f0000, Image Size: 0xaa000
16:32:36;7013056;cmd.exe;5892;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;Desired Access: Read
16:32:36;7013381;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LeakTrack;NAME NOT FOUND;Length: 144
16:32:36;7013532;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon;SUCCESS;
16:32:36;7013810;cmd.exe;5892;RegOpenKey;HKLM\System\Setup;SUCCESS;Desired Access: Read
16:32:36;7013989;cmd.exe;5892;RegQueryValue;HKLM\SYSTEM\Setup\SystemSetupInProgress;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;7014111;cmd.exe;5892;RegCloseKey;HKLM\SYSTEM\Setup;SUCCESS;
16:32:36;7014232;cmd.exe;5892;RegOpenKey;HKLM;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;7014445;cmd.exe;5892;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics;NAME NOT FOUND;Desired Access: Read
16:32:36;7015945;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;7016745;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;7017582;cmd.exe;5892;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7018317;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;7018473;cmd.exe;5892;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;7018662;cmd.exe;5892;RegOpenKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;Desired Access: Read
16:32:36;7018834;cmd.exe;5892;RegEnumValue;HKCU\Control Panel\Desktop\LanguageConfiguration;NO MORE ENTRIES;Index: 0, Length: 512
16:32:36;7018975;cmd.exe;5892;RegCloseKey;HKCU\Control Panel\Desktop\LanguageConfiguration;SUCCESS;
16:32:36;7019085;cmd.exe;5892;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;7019179;cmd.exe;5892;RegCloseKey;HKCU;SUCCESS;
16:32:36;7019292;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;7019490;cmd.exe;5892;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7019671;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;7019804;cmd.exe;5892;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;7020005;cmd.exe;5892;RegCloseKey;HKCU;SUCCESS;
16:32:36;7020127;cmd.exe;5892;RegQueryValue;HKCU\Control Panel\Desktop\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;7020290;cmd.exe;5892;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;7020402;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;7020594;cmd.exe;5892;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7020768;cmd.exe;5892;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;7020907;cmd.exe;5892;RegCloseKey;HKCU;SUCCESS;
16:32:36;7021074;cmd.exe;5892;RegQueryValue;HKCU\Control Panel\Desktop\CachedMachinePreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;7021206;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;REPARSE;Desired Access: Read
16:32:36;7021378;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;Desired Access: Read
16:32:36;7021560;cmd.exe;5892;RegQueryValue;HKLM\System\CurrentControlSet\Control\MUI\Settings\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;7021684;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\MUI\Settings;SUCCESS;
16:32:36;7021796;cmd.exe;5892;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;7022159;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\MUI\Settings;NAME NOT FOUND;Desired Access: Read
16:32:36;7022362;cmd.exe;5892;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7022542;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Control Panel\Desktop;NAME NOT FOUND;Desired Access: Read
16:32:36;7022671;cmd.exe;5892;RegOpenKey;HKCU\Control Panel\Desktop;SUCCESS;Desired Access: Read
16:32:36;7022815;cmd.exe;5892;RegCloseKey;HKCU;SUCCESS;
16:32:36;7022928;cmd.exe;5892;RegQueryValue;HKCU\Control Panel\Desktop\PreferredUILanguages;NAME NOT FOUND;Length: 12
16:32:36;7023060;cmd.exe;5892;RegCloseKey;HKCU\Control Panel\Desktop;SUCCESS;
16:32:36;7023487;cmd.exe;5892;RegOpenKey;HKCU;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7023679;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\System;NAME NOT FOUND;Desired Access: Read
16:32:36;7025345;cmd.exe;5892;RegOpenKey;HKLM\Software\Microsoft\Command Processor;SUCCESS;Desired Access: Maximum Allowed, Granted Access: Read
16:32:36;7025564;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DisableUNCCheck;NAME NOT FOUND;Length: 144
16:32:36;7025693;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\EnableExtensions;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;7025829;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DelayedExpansion;NAME NOT FOUND;Length: 144
16:32:36;7025942;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\DefaultColor;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;7026058;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\CompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 64
16:32:36;7026173;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\PathCompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 64
16:32:36;7026291;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Command Processor\AutoRun;NAME NOT FOUND;Length: 144
16:32:36;7026429;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Microsoft\Command Processor;SUCCESS;
16:32:36;7026544;cmd.exe;5892;RegOpenKey;HKCU\Software\Microsoft\Command Processor;SUCCESS;Desired Access: Maximum Allowed, Granted Access: All Access
16:32:36;7026750;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DisableUNCCheck;NAME NOT FOUND;Length: 144
16:32:36;7026937;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\EnableExtensions;SUCCESS;Type: REG_DWORD, Length: 4, Data: 1
16:32:36;7038976;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DelayedExpansion;NAME NOT FOUND;Length: 144
16:32:36;7039162;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\DefaultColor;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;7039286;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\CompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 9
16:32:36;7039409;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\PathCompletionChar;SUCCESS;Type: REG_DWORD, Length: 4, Data: 9
16:32:36;7039533;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Command Processor\AutoRun;NAME NOT FOUND;Length: 144
16:32:36;7039659;cmd.exe;5892;RegCloseKey;HKCU\Software\Microsoft\Command Processor;SUCCESS;
16:32:36;7041499;cmd.exe;5892;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;7042473;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7042798;cmd.exe;5892;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;7042900;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7043334;cmd.exe;5892;CreateFile;C:\;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7043694;cmd.exe;5892;QueryDirectory;C:\Program Files;SUCCESS;Filter: Program Files, 1: Program Files
16:32:36;7043970;cmd.exe;5892;CloseFile;C:\;SUCCESS;
16:32:36;7045295;cmd.exe;5892;CreateFile;C:\Program Files;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7045647;cmd.exe;5892;QueryDirectory;C:\Program Files\MySQL;SUCCESS;Filter: MySQL, 1: MySQL
16:32:36;7045912;cmd.exe;5892;CloseFile;C:\Program Files;SUCCESS;
16:32:36;7047363;cmd.exe;5892;CreateFile;C:\Program Files\MySQL;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7047708;cmd.exe;5892;QueryDirectory;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Filter: MySQL Workbench 5.2 OSS, 1: MySQL Workbench 5.2 OSS
16:32:36;7048017;cmd.exe;5892;CloseFile;C:\Program Files\MySQL;SUCCESS;
16:32:36;7049277;cmd.exe;5892;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;7050313;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7050592;cmd.exe;5892;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;7050693;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7052077;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;REPARSE;Desired Access: Read
16:32:36;7052270;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;Desired Access: Read
16:32:36;7052471;cmd.exe;5892;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\nl-NL;NAME NOT FOUND;Length: 532
16:32:36;7052589;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\CustomLocale;SUCCESS;
16:32:36;7052706;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;REPARSE;Desired Access: Read
16:32:36;7052846;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale;NAME NOT FOUND;Desired Access: Read
16:32:36;7053360;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;REPARSE;Desired Access: Read
16:32:36;7053506;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;SUCCESS;Desired Access: Read
16:32:36;7053682;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;REPARSE;Desired Access: Read
16:32:36;7053824;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;SUCCESS;Desired Access: Read
16:32:36;7053990;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;REPARSE;Desired Access: Read
16:32:36;7054122;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;SUCCESS;Desired Access: Read
16:32:36;7054302;cmd.exe;5892;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\Locale\00000413;SUCCESS;Type: REG_SZ, Length: 4, Data: 1
16:32:36;7054440;cmd.exe;5892;RegQueryValue;HKLM\System\CurrentControlSet\Control\Nls\Language Groups\1;SUCCESS;Type: REG_SZ, Length: 4, Data: 1
16:32:36;7059383;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7059773;cmd.exe;5892;QueryDirectory;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\sc.*;NO SUCH FILE;Filter: sc.*
16:32:36;7060042;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7061366;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7061719;cmd.exe;5892;QueryDirectory;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS\sc;NO SUCH FILE;Filter: sc
16:32:36;7061953;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7062889;cmd.exe;5892;CreateFile;D:\Program Files\PHP;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7063232;cmd.exe;5892;QueryDirectory;D:\Program Files\PHP\sc.*;NO SUCH FILE;Filter: sc.*
16:32:36;7063428;cmd.exe;5892;CloseFile;D:\Program Files\PHP;SUCCESS;
16:32:36;7064270;cmd.exe;5892;CreateFile;D:\Program Files\PHP;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7064586;cmd.exe;5892;QueryDirectory;D:\Program Files\PHP\sc;NO SUCH FILE;Filter: sc
16:32:36;7064763;cmd.exe;5892;CloseFile;D:\Program Files\PHP;SUCCESS;
16:32:36;7066152;cmd.exe;5892;CreateFile;C:\Windows\System32;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7066503;cmd.exe;5892;QueryDirectory;C:\Windows\System32\sc.*;SUCCESS;Filter: sc.*, 1: sc.exe
16:32:36;7066845;cmd.exe;5892;CloseFile;C:\Windows\System32;SUCCESS;
16:32:36;7069034;cmd.exe;5892;CreateFile;C:\Windows\System32;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7069384;cmd.exe;5892;QueryDirectory;C:\Windows\System32\sc.COM;NO SUCH FILE;Filter: sc.COM
16:32:36;7069683;cmd.exe;5892;CloseFile;C:\Windows\System32;SUCCESS;
16:32:36;7071004;cmd.exe;5892;CreateFile;C:\Windows\System32;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7071340;cmd.exe;5892;QueryDirectory;C:\Windows\System32\sc.EXE;SUCCESS;Filter: sc.EXE, 1: sc.exe
16:32:36;7071614;cmd.exe;5892;CloseFile;C:\Windows\System32;SUCCESS;
16:32:36;7073337;cmd.exe;5892;QueryOpen;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;FAST IO DISALLOWED;
16:32:36;7074294;cmd.exe;5892;CreateFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7074582;cmd.exe;5892;QueryBasicInformationFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;CreationTime: 22-02-2010 11:56:27, LastAccessTime: 22-02-2010 11:56:33, LastWriteTime: 22-02-2010 11:56:33, ChangeTime: 22-02-2010 11:56:33, FileAttributes: D
16:32:36;7074680;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7075129;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;REPARSE;Desired Access: Query Value
16:32:36;7075367;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;Desired Access: Query Value
16:32:36;7075559;cmd.exe;5892;RegQueryValue;HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode;NAME NOT FOUND;Length: 16
16:32:36;7076962;cmd.exe;5892;CreateFile;C:\Windows\System32\sc.exe;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7089500;cmd.exe;5892;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sc.exe;NAME NOT FOUND;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;7089836;cmd.exe;5892;QuerySecurityFile;C:\Windows\System32\sc.exe;SUCCESS;Information: 0x10
16:32:36;7091001;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\sc.exe;SUCCESS;Name: \Windows\System32\sc.exe
16:32:36;7092170;cmd.exe;5892;Process Create;C:\Windows\system32\sc.exe;SUCCESS;PID: 5452, Command line: sc  query mysql 
16:32:36;7092476;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls;REPARSE;Desired Access: Query Value
16:32:36;7092655;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7092897;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value, Set Value
16:32:36;7093044;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value, Set Value
16:32:36;7093192;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;SUCCESS;Desired Access: Query Value
16:32:36;7093423;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled;NAME NOT FOUND;Length: 80
16:32:36;7093558;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\AuthenticodeEnabled;SUCCESS;Type: REG_DWORD, Length: 4, Data: 0
16:32:36;7093697;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers;SUCCESS;
16:32:36;7093985;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7094176;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value
16:32:36;7094312;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7094443;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility;REPARSE;Desired Access: Query Value
16:32:36;7094577;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\Session Manager\AppCompatibility;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7094715;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\AppCompat;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7094955;cmd.exe;5892;QuerySecurityFile;C:\Windows\System32\sc.exe;SUCCESS;Information: Owner, Group, DACL, SACL, 0x10
16:32:36;7095111;cmd.exe;5892;QueryBasicInformationFile;C:\Windows\System32\sc.exe;SUCCESS;CreationTime: 02-11-2006 09:35:13, LastAccessTime: 02-11-2006 11:40:28, LastWriteTime: 02-11-2006 10:45:39, ChangeTime: 25-01-2010 09:07:40, FileAttributes: A
16:32:36;7095349;cmd.exe;5892;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion;SUCCESS;Desired Access: Enumerate Sub Keys
16:32:36;7095579;cmd.exe;5892;RegOpenKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;Desired Access: Query Value
16:32:36;7095855;cmd.exe;5892;RegQueryValue;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Windows\system32\sc.exe;NAME NOT FOUND;Length: 16
16:32:36;7096010;cmd.exe;5892;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers;SUCCESS;
16:32:36;7096137;cmd.exe;5892;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags;SUCCESS;Desired Access: Enumerate Sub Keys
16:32:36;7096395;cmd.exe;5892;RegOpenKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\sc.exe;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7096554;cmd.exe;5892;RegOpenKey;HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options;SUCCESS;Desired Access: Query Value, Enumerate Sub Keys
16:32:36;7096756;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DisableLocalOverride;NAME NOT FOUND;Length: 1.024
16:32:36;7096874;cmd.exe;5892;RegOpenKey;HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide;SUCCESS;Desired Access: Read
16:32:36;7097064;cmd.exe;5892;RegQueryValue;HKLM\COMPONENTS\PreferExternalManifest;NAME NOT FOUND;Length: 20
16:32:36;7097182;cmd.exe;5892;RegCloseKey;HKLM\COMPONENTS;SUCCESS;
16:32:36;7101913;cmd.exe;5892;QueryOpen;C:\Windows\System32\apphelp.dll;FAST IO DISALLOWED;
16:32:36;7102964;cmd.exe;5892;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7104219;cmd.exe;5892;QueryBasicInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;CreationTime: 25-01-2010 10:11:43, LastAccessTime: 25-01-2010 10:11:43, LastWriteTime: 10-04-2009 23:28:18, ChangeTime: 25-01-2010 10:24:17, FileAttributes: A
16:32:36;7104319;cmd.exe;5892;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;7105686;cmd.exe;5892;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7109522;cmd.exe;5892;Load Image;C:\Windows\System32\apphelp.dll;SUCCESS;Image Base: 0x75ca0000, Image Size: 0x2c000
16:32:36;7109760;cmd.exe;5892;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;7111199;cmd.exe;5892;QueryOpen;C:\Windows\System32\apphelp.dll;FAST IO DISALLOWED;
16:32:36;7112184;cmd.exe;5892;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7114025;cmd.exe;5892;QueryBasicInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;CreationTime: 25-01-2010 10:11:43, LastAccessTime: 25-01-2010 10:11:43, LastWriteTime: 10-04-2009 23:28:18, ChangeTime: 25-01-2010 10:24:17, FileAttributes: A
16:32:36;7114128;cmd.exe;5892;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;7115702;cmd.exe;5892;CreateFile;C:\Windows\System32\apphelp.dll;SUCCESS;Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
16:32:36;7117934;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;REPARSE;Desired Access: Query Value, Set Value
16:32:36;7118122;cmd.exe;5892;RegOpenKey;HKLM\System\CurrentControlSet\Control\SafeBoot\Option;NAME NOT FOUND;Desired Access: Query Value, Set Value
16:32:36;7118270;cmd.exe;5892;RegOpenKey;HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;SUCCESS;Desired Access: Query Value
16:32:36;7118483;cmd.exe;5892;RegQueryValue;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled;NAME NOT FOUND;Length: 80
16:32:36;7118675;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers;SUCCESS;
16:32:36;7118897;cmd.exe;5892;RegOpenKey;HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers;NAME NOT FOUND;Desired Access: Query Value
16:32:36;7119082;cmd.exe;5892;CloseFile;C:\Windows\System32\apphelp.dll;SUCCESS;
16:32:36;7120544;cmd.exe;5892;Load Image;C:\Windows\System32\apphelp.dll;SUCCESS;Image Base: 0x75ca0000, Image Size: 0x2c000
16:32:36;7122620;cmd.exe;5892;CreateFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
16:32:36;7124307;cmd.exe;5892;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;7124531;cmd.exe;5892;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;7124972;cmd.exe;5892;QueryStandardInformationFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;AllocationSize: 3.293.184, EndOfFile: 3.289.592, NumberOfLinks: 2, DeletePending: False, Directory: False
16:32:36;7125495;cmd.exe;5892;CloseFile;C:\Windows\AppPatch\sysmain.sdb;SUCCESS;
16:32:36;7126003;cmd.exe;5892;CloseFile;C:\Windows\System32\sc.exe;SUCCESS;
16:32:36;7205943;cmd.exe;5892;Thread Exit;;SUCCESS;User Time: 0.0000000, Kernel Time: 0.0156001
16:32:36;7214381;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\cmd.exe;SUCCESS;Name: \Windows\System32\cmd.exe
16:32:36;7214867;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\apphelp.dll;SUCCESS;Name: \Windows\System32\apphelp.dll
16:32:36;7215290;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\msvcrt.dll;SUCCESS;Name: \Windows\System32\msvcrt.dll
16:32:36;7215693;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\rpcrt4.dll;SUCCESS;Name: \Windows\System32\rpcrt4.dll
16:32:36;7216021;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\kernel32.dll;SUCCESS;Name: \Windows\System32\kernel32.dll
16:32:36;7216431;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\advapi32.dll;SUCCESS;Name: \Windows\System32\advapi32.dll
16:32:36;7216890;cmd.exe;5892;QueryNameInformationFile;C:\Windows\System32\ntdll.dll;SUCCESS;Name: \Windows\System32\ntdll.dll
16:32:36;7218172;cmd.exe;5892;Process Exit;;SUCCESS;Exit Status: 0, User Time: 0.0000000, Kernel Time: 0.0156001, Private Bytes: 1.671.168, Peak Private Bytes: 1.679.360, Working Set: 1.912.832, Peak Working Set: 1.961.984
16:32:36;7218340;cmd.exe;5892;CloseFile;C:\Program Files\MySQL\MySQL Workbench 5.2 OSS;SUCCESS;
16:32:36;7218877;cmd.exe;5892;RegCloseKey;HKLM;SUCCESS;
16:32:36;7219029;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Locale;SUCCESS;
16:32:36;7219147;cmd.exe;5892;RegCloseKey;HKCU;SUCCESS;
16:32:36;7219535;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Locale\Alternate Sorts;SUCCESS;
16:32:36;7219646;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\Nls\Language Groups;SUCCESS;
16:32:36;7219751;cmd.exe;5892;RegCloseKey;HKLM\System\CurrentControlSet\Control\Session Manager;SUCCESS;
16:32:36;7219889;cmd.exe;5892;RegCloseKey;HKCU\Software\Microsoft\Windows NT\CurrentVersion;SUCCESS;
16:32:36;7220046;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags;SUCCESS;
16:32:36;7220171;cmd.exe;5892;RegCloseKey;HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options;SUCCESS;