.
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-17T22:46:51.902787002Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:46:51.904486268Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '2' AKA 'Character output') |
| 2018-12-17T22:46:51.906416154Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:46:51.908110372Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:46:51.909786923Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:51.911879985Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '52' AKA 'Get InDOS flag pointer') |
| 2018-12-17T22:46:51.913468179Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '53' AKA 'Get interrupt vector') |
| 2018-12-17T22:46:51.915062955Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '54' AKA 'Get free disk space') |
| 2018-12-17T22:46:51.917243054Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '55' AKA 'Get or set switch character') |
| 2018-12-17T22:46:51.918865412Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '56' AKA 'Get or set country info') |
| 2018-12-17T22:46:51.920434672Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '57' AKA 'Create subdirectory') |
| 2018-12-17T22:46:51.923163061Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '58' AKA 'Remove subdirectory') |
| 2018-12-17T22:46:51.93021746Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '59' AKA 'Change current directory') |
| 2018-12-17T22:46:51.931952459Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '60' AKA 'Create or truncate file') |
| 2018-12-17T22:46:51.935285075Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '61' AKA 'Open file') |
| 2018-12-17T22:46:51.938157888Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '62' AKA 'Close file') |
| 2018-12-17T22:46:51.94046461Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:46:51.943316829Z | 53 | PC: 13c76 | Get interrupt vector (Interrupt = '117' AKA 'UNKNOWN!') |
| 2018-12-17T22:46:51.944950454Z | 37 | PC: 13c8b | Set interrupt vector (Interrupt = '0' AKA 'Program terminate') |
| 2018-12-17T22:46:51.946449457Z | 37 | PC: 13c93 | Set interrupt vector (Interrupt = '35' AKA 'Get file size in records') |
| 2018-12-17T22:46:51.948008318Z | 37 | PC: 13c9b | Set interrupt vector (Interrupt = '36' AKA 'Set random record number') |
| 2018-12-17T22:46:51.950740948Z | 37 | PC: 13ca3 | Set interrupt vector (Interrupt = '63' AKA 'Read file or device') |
| 2018-12-17T22:46:51.952800949Z | 68 | PC: 141ef | I/O control for devices (Set for = '') |
| 2018-12-17T22:46:52.058591187Z | 37 | PC: 135e7 | Set interrupt vector (Interrupt = '27' AKA 'Get allocation info for default drive') |
| 2018-12-17T22:46:52.066119109Z | 26 | PC: 13bd7 | Set disk transfer address |
| 2018-12-17T22:46:52.068038392Z | 78 | PC: 13be3 | Find first file |
| 2018-12-17T22:46:52.075376813Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.083473838Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.425072819Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\IO.SYS') |
| 2018-12-17T22:46:52.428280833Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.433807555Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.45694471Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.467798863Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.470653255Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.475350781Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.482538414Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.505167241Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\MSDOS.SYS') |
| 2018-12-17T22:46:52.510431426Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.521198938Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.536651321Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.550810344Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.552932382Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.557783781Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.565590076Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.567578983Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.571567598Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.574150479Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.593476819Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.600831149Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.6309089Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\COMMAND.COM') |
| 2018-12-17T22:46:52.633079414Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.637628293Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.650665216Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.663065895Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.664704824Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.668436086Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.671087376Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.675172808Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.681541739Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.695985859Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\CONFIG.SYS') |
| 2018-12-17T22:46:52.698712092Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.703330286Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.713427637Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.724078582Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.725682168Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.730041014Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.737183152Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.750387418Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\AUTOEXEC.BAT') |
| 2018-12-17T22:46:52.75273063Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.75838562Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.766959685Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.778282718Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.780713651Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.784577322Z | 26 | PC: 13bd7 | Set disk transfer address |
| 2018-12-17T22:46:52.786249075Z | 78 | PC: 13be3 | Find first file |
| 2018-12-17T22:46:52.797285574Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.800238373Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.822490157Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.823943835Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.828503163Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.836540176Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.850198119Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\ATTRIB.EXE') |
| 2018-12-17T22:46:52.852935441Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.857547682Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.866184034Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.878178127Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.879769549Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.884405788Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.893000822Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.907513551Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\CHKDSK.EXE') |
| 2018-12-17T22:46:52.909879176Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.915215068Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.924038577Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:52.935212017Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:52.936808164Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:52.942347262Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:52.953750796Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:52.968329506Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\COUNTRY.SYS') |
| 2018-12-17T22:46:52.984679384Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:52.989322396Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:52.998220745Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.021037732Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.022409719Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.02765054Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.036079155Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.050206988Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\COUNTRY.TXT') |
| 2018-12-17T22:46:53.052228377Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.056821948Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.065936644Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.077943263Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.079665183Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.085345451Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.093796396Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.108372328Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\DEBUG.EXE') |
| 2018-12-17T22:46:53.111494593Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.116072357Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.125719485Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.137766544Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.139442908Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.144193332Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.152515946Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.167841579Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\DOSSETUP.INI') |
| 2018-12-17T22:46:53.169996825Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.175359135Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.184342287Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.195889603Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.198443544Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.204279741Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.211802187Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.226847323Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\DRVSPACE.BIN') |
| 2018-12-17T22:46:53.229657569Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.234355353Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.244148184Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.256144027Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.257866604Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.26351315Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.271510173Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.285568792Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EDIT.COM') |
| 2018-12-17T22:46:53.289189358Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.295133363Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.307249367Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.322225774Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.324580591Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.330490674Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.340956732Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.360534583Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EXPAND.EXE') |
| 2018-12-17T22:46:53.363754033Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.370216909Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.380372275Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.391846758Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.39310015Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.3988796Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.405986703Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.420440832Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\FDISK.EXE') |
| 2018-12-17T22:46:53.423447917Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.428061964Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.436475294Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.448688422Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.450508305Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.455042036Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.463716921Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.477526251Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\FORMAT.COM') |
| 2018-12-17T22:46:53.479846016Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.486092406Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.494525967Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.506770079Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.509378549Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.51429697Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.522020752Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.53688502Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\KEYB.COM') |
| 2018-12-17T22:46:53.53921414Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.543922501Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.554261042Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.566150688Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.567807197Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.572672702Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.580418186Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.594671085Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\KEYBOARD.SYS') |
| 2018-12-17T22:46:53.597208345Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.601979761Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.611225905Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.623570063Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.626207762Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.63092347Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.638269471Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.653457664Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\MEM.EXE') |
| 2018-12-17T22:46:53.65510693Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.657815348Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.663123995Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.669657241Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.670697804Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.676178997Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.682186108Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.693544118Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\NLSFUNC.EXE') |
| 2018-12-17T22:46:53.696159539Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.699797985Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.705875644Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.718135154Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.720134524Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.724802542Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.733068676Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.74868354Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\README.TXT') |
| 2018-12-17T22:46:53.751066945Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.756539844Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.76436361Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.775201954Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.778254261Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.783129267Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.791213343Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.807716226Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\NETWORKS.TXT') |
| 2018-12-17T22:46:53.810604467Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.816612037Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.82559393Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.837531339Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.839466385Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.844413331Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.852477356Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.867038156Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\QBASIC.EXE') |
| 2018-12-17T22:46:53.869663018Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.875760733Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.885779776Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.897664668Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.900634682Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.905562979Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.913255149Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.928231252Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\REPLACE.EXE') |
| 2018-12-17T22:46:53.930847324Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.935624167Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:53.945719329Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:53.958184699Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:53.959700268Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:53.96553655Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:53.973542104Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:53.987083515Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\RESTORE.EXE') |
| 2018-12-17T22:46:53.990140532Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:53.99498108Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.003486518Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.016271693Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.0181091Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.022858452Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.030826642Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.045273718Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\SCANDISK.EXE') |
| 2018-12-17T22:46:54.047530653Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.052042925Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.06158011Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.074250828Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.075483037Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.080891519Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.088030783Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.101668233Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\SCANDISK.INI') |
| 2018-12-17T22:46:54.105651155Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.109885677Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.121168305Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.135064623Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.136223356Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.14135842Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.154427285Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.168860259Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\SETUP.EXE') |
| 2018-12-17T22:46:54.171156837Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.176913197Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.189986984Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.210420588Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.212757996Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.217097113Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.224417164Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.238795655Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\SYS.COM') |
| 2018-12-17T22:46:54.241589331Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.246074814Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.567429199Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.576122096Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.577952253Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.589556241Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.598066157Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.611370609Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\XCOPY.EXE') |
| 2018-12-17T22:46:54.620318854Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.625297565Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.634389141Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.648402769Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.650597382Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.655453407Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.663783323Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.679047459Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\DEFRAG.EXE') |
| 2018-12-17T22:46:54.68155014Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.687251825Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.696357354Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.707934161Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.711451804Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.716599701Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.724140418Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.738701611Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\DEFRAG.HLP') |
| 2018-12-17T22:46:54.740325241Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.743231447Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.749840462Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.758617919Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.759745135Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.778799616Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.786907171Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.820665639Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EGA.CPI') |
| 2018-12-17T22:46:54.823673167Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.82667078Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.834318531Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.842332251Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.843866706Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.84876297Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.857314356Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.868020054Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EGA2.CPI') |
| 2018-12-17T22:46:54.870149501Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.875518764Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.884324412Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.896500285Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.899813724Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.905717599Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.913053687Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.927774457Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EGA3.CPI') |
| 2018-12-17T22:46:54.929786135Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.934363738Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:54.943244573Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:54.954383883Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:54.955796859Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:54.964502694Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:54.972972148Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:54.987966949Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\EMM386.EXE') |
| 2018-12-17T22:46:54.990446893Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:54.995161553Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.004052519Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.015082284Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.016340704Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.021742115Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.028881468Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.043372963Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\ISO.CPI') |
| 2018-12-17T22:46:55.046676042Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.051031644Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.059304983Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.071397262Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.073155177Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.077661491Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.085791803Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.099921359Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\KEYBRD2.SYS') |
| 2018-12-17T22:46:55.102064697Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.108645637Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.117249521Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.128701325Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.130586594Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.134814851Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.141796546Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.156258346Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\MSCDEX.EXE') |
| 2018-12-17T22:46:55.159267592Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.16426199Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.173134263Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.184211521Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.186061705Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.190612219Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.197542308Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.212231421Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\DOS\QBASIC.INI') |
| 2018-12-17T22:46:55.214115953Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.218265809Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.22826745Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.239426999Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.240619053Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.245359514Z | 26 | PC: 13bd7 | Set disk transfer address |
| 2018-12-17T22:46:55.246639275Z | 78 | PC: 13be3 | Find first file |
| 2018-12-17T22:46:55.256942893Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.258752805Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.262661313Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.264253284Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.269429245Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.270775248Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.275076806Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.284027709Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.313948007Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CONTROL.HLP') |
| 2018-12-17T22:46:55.315763085Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.32057711Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.328950816Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.340102319Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.342753847Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.347678123Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.356172025Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.378661761Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SETUP.EXE') |
| 2018-12-17T22:46:55.381225174Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.386092951Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.396082939Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.40728054Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.408490682Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.414714819Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.423297628Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.437400376Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SETUP.HLP') |
| 2018-12-17T22:46:55.441440205Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.446376331Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.455345479Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.466867864Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.468705429Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.473523089Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.481244642Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.49531406Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SETUP.TXT') |
| 2018-12-17T22:46:55.497274503Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.502426018Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.511213602Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.524088491Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.526207241Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.531074127Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.539350579Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.554190473Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM.INI') |
| 2018-12-17T22:46:55.556427264Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.561567915Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.569912051Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.580732354Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.582394197Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.586856614Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.594907207Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.609254055Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WIN.INI') |
| 2018-12-17T22:46:55.611344304Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.617338152Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.626712042Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.63825244Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.639884049Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.645703396Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.652791352Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.668574973Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINHELP.EXE') |
| 2018-12-17T22:46:55.671981826Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.677952954Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.688218751Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.701537048Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.703242658Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.708322593Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.717802839Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.732847353Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WIN.COM') |
| 2018-12-17T22:46:55.735277571Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.741281948Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.750607961Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.757762665Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.759337175Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.762225384Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.766828265Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.777289285Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\BOOTLOG.TXT') |
| 2018-12-17T22:46:55.779690707Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.78530231Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.794396098Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.805629535Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.808302122Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.814258222Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.821651165Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.836214419Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MOUSE.INI') |
| 2018-12-17T22:46:55.839033856Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.843720427Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.853420216Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.865142551Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.866839204Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.872580183Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.881331798Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.895854574Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MSD.EXE') |
| 2018-12-17T22:46:55.89912339Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.903937831Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.912617115Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:55.924992955Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:55.926311017Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:55.943277783Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:55.95836438Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:55.972346962Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PACKAGER.EXE') |
| 2018-12-17T22:46:55.974665608Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:55.979729184Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:55.988232971Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.000742645Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.00238859Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.007182122Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.01612241Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.031535002Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PBRUSH.EXE') |
| 2018-12-17T22:46:56.034002441Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.039523714Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.049256858Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.060500939Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.063045277Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.071293836Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.079504831Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.089540656Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SOL.EXE') |
| 2018-12-17T22:46:56.091819523Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.097483235Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.425266859Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.43767651Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.440198414Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.445076422Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.46164665Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.487896845Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\TERMINAL.EXE') |
| 2018-12-17T22:46:56.49036329Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.495029807Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.504003465Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.515327149Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.518215482Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.523844939Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.531251846Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.547171602Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINFILE.EXE') |
| 2018-12-17T22:46:56.549202632Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.55352124Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.562527564Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.577530661Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.579242021Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.58746872Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.594905076Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.608608305Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINFILE.HLP') |
| 2018-12-17T22:46:56.612371386Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.617046541Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.625552045Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.638118192Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.639805341Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.644682964Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.654139903Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.667891381Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINTUTOR.EXE') |
| 2018-12-17T22:46:56.67131093Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.676455088Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.684978189Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.697216299Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.699339582Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.704020562Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.712401246Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.727298662Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WRITE.EXE') |
| 2018-12-17T22:46:56.729784549Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.735675077Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.744749553Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.756055383Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.759116574Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.763889179Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.771337741Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.787771448Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CALC.EXE') |
| 2018-12-17T22:46:56.790299614Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.795036162Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.804915205Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.816335175Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.81839148Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.824294078Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.83589535Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.851327246Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CALC.HLP') |
| 2018-12-17T22:46:56.854377587Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.859583172Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.869266578Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.881273108Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.883008379Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.892817868Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:56.905943436Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:56.922802701Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CALENDAR.EXE') |
| 2018-12-17T22:46:56.928983055Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:56.93404307Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:56.943409359Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:56.982296004Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:56.987281009Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:56.996694226Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.00832719Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.039115487Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CALENDAR.HLP') |
| 2018-12-17T22:46:57.041617084Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.05830238Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.084026621Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.102109484Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.107477638Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.112167443Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.120876845Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.134440525Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CANYON.MID') |
| 2018-12-17T22:46:57.137062877Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.142775572Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.151509852Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.164600909Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.166704646Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.171373064Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.179803209Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.194394961Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CARDFILE.EXE') |
| 2018-12-17T22:46:57.196818716Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.202783106Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.215457477Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.227862331Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.230758323Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.235748089Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.244184849Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.258221751Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CARDFILE.HLP') |
| 2018-12-17T22:46:57.260650516Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.266361207Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.275627536Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.287018845Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.290110765Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.295527907Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.303194683Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.318075904Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CHARMAP.EXE') |
| 2018-12-17T22:46:57.320500108Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.326244899Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.335353812Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.348061382Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.351009158Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.358200123Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.366723252Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.382586346Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CHORD.WAV') |
| 2018-12-17T22:46:57.385043533Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.389979033Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.399650324Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.410908596Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.413615835Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.418676047Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.427108859Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.442182705Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CLIPBRD.EXE') |
| 2018-12-17T22:46:57.445026398Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.449699903Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.459453922Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.474834434Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.476794723Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.486203006Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.494568622Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.509887312Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CONTROL.EXE') |
| 2018-12-17T22:46:57.512753073Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.517432681Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.527546023Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.539205646Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.540854301Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.546800837Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.555163893Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.569093117Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CONTROL.INI') |
| 2018-12-17T22:46:57.572665685Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.5773202Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.586964631Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.604019471Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.606243336Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.611336034Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.618637959Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.633966132Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\DRWATSON.EXE') |
| 2018-12-17T22:46:57.637557085Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.642319736Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.651944903Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.664950364Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.66655294Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.672320565Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.683803338Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.699839802Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\EMM386.EXE') |
| 2018-12-17T22:46:57.702582898Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.712589361Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.722561843Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.734293469Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.735873414Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.741781016Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.749221586Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.764157497Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\EXPAND.EXE') |
| 2018-12-17T22:46:57.767671213Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.772287477Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.781883922Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.793917533Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.795658907Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.801278725Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.80902925Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.822529168Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\GLOSSARY.HLP') |
| 2018-12-17T22:46:57.826989722Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.831630213Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.840837479Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.853035765Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.854697471Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.860270893Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.872103577Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.887075585Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MORICONS.DLL') |
| 2018-12-17T22:46:57.8911082Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.895474799Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.903597597Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.912604024Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.914223412Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.919978603Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.927191851Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.940933801Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MPLAYER.EXE') |
| 2018-12-17T22:46:57.944000517Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:57.948501531Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:57.958462948Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:57.969593603Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:57.971283187Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:57.976099183Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:57.983286874Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:57.997602984Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\NETWORKS.WRI') |
| 2018-12-17T22:46:57.999888628Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.00436501Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.012829055Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.024497401Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.026695043Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.030922873Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.042830356Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.058344924Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\NOTEPAD.EXE') |
| 2018-12-17T22:46:58.06052026Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.066374934Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.075153056Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.089596171Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.091626121Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.096744598Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.104156412Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.119217325Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PACKAGER.HLP') |
| 2018-12-17T22:46:58.121816888Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.126969868Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.1362413Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.149086083Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.150843609Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.155622375Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.163868206Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.178283923Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PBRUSH.HLP') |
| 2018-12-17T22:46:58.181315727Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.186629672Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.195930345Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.208912448Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.210787973Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.216841358Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.221705779Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.233426462Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PIFEDIT.EXE') |
| 2018-12-17T22:46:58.237080083Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.241945916Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.250620936Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.263273164Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.264887473Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.27051237Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.278059978Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.292450804Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PIFEDIT.HLP') |
| 2018-12-17T22:46:58.295359613Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.299907773Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.309095424Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.321197356Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.322922939Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.329765968Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.336921371Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.351032714Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PRINTERS.WRI') |
| 2018-12-17T22:46:58.354423717Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.359626192Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.369773247Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.381622253Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.38367398Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.3893989Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.397495479Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.412549086Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PRINTMAN.EXE') |
| 2018-12-17T22:46:58.416109815Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.420813385Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.430415747Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.441903808Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.443500642Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.452562448Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.46009355Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.474782786Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PRINTMAN.HLP') |
| 2018-12-17T22:46:58.477043644Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.482972733Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.493295167Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.505524097Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.507759788Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.513172002Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.521419046Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.536773373Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PROGMAN.EXE') |
| 2018-12-17T22:46:58.539524153Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.544897941Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.554419704Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.565687489Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.568992615Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.584586413Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.592516492Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.607005374Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PROGMAN.HLP') |
| 2018-12-17T22:46:58.609654763Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.616231486Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.625033903Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.637475254Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.639390784Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.644218901Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.652460229Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.666620084Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\README.WRI') |
| 2018-12-17T22:46:58.669103904Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.675060564Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.68434386Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.696514829Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.698484597Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.703158903Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.711326075Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.724905796Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\RECORDER.EXE') |
| 2018-12-17T22:46:58.727639904Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.732399279Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.741058158Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.753542101Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.75513245Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.760636593Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.768098842Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.78157545Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\RECORDER.HLP') |
| 2018-12-17T22:46:58.78458188Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.789147324Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.797964477Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.809883885Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.811369022Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.817031527Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.824324942Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.837860886Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\REGEDIT.EXE') |
| 2018-12-17T22:46:58.8410783Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.845530854Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.854890485Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.866264586Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.867838834Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.874487148Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.881840014Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.896266721Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\REGEDIT.HLP') |
| 2018-12-17T22:46:58.898957468Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.903527007Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.912980676Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.924498442Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.926101649Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.931879953Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.940051868Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:58.954455353Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\REGEDITV.HLP') |
| 2018-12-17T22:46:58.95715245Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:58.96172517Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:58.971429678Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:58.982696093Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:58.985397731Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:58.990329446Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:58.997632127Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.039303995Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SMARTDRV.EXE') |
| 2018-12-17T22:46:59.04204097Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.0466488Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.056101435Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.06806875Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.070622553Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.075541218Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.082876442Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.097361377Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SOUNDREC.EXE') |
| 2018-12-17T22:46:59.100085254Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.104701353Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.114490017Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.125685674Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.128260639Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.134035379Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.141353525Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.156022931Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSINI.WRI') |
| 2018-12-17T22:46:59.158373777Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.163143099Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.17261527Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.18369404Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.186274246Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.191177701Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.199350398Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.213943317Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\TERMINAL.HLP') |
| 2018-12-17T22:46:59.216325575Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.221888129Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.230803029Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.241907224Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.244497684Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.249441737Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.256787036Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.272222254Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINHELP.HLP') |
| 2018-12-17T22:46:59.274387273Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.279806374Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.289155492Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.300726184Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.302660621Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.306907741Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.314264013Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.32838574Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINLOGO.BMP') |
| 2018-12-17T22:46:59.330983037Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.336781207Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.345192227Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.357418964Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.35938245Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.36408612Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.37281305Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.386389579Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINMINE.EXE') |
| 2018-12-17T22:46:59.389720473Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.394838843Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.402908291Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.414436566Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.415946827Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.424310557Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.431661337Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.445574574Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINTUTOR.DAT') |
| 2018-12-17T22:46:59.449234651Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.453638724Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.463595692Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.477062365Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.478713946Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.489235647Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.496790767Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.511388018Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WRITE.HLP') |
| 2018-12-17T22:46:59.513369492Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.518052768Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.528782782Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.542109023Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.544570338Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.549332895Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.555769119Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.570184254Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\256COLOR.BMP') |
| 2018-12-17T22:46:59.572071521Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.576953805Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.586079052Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.598746968Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.600154558Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.605485632Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.613892935Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.627184451Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\ARCADE.BMP') |
| 2018-12-17T22:46:59.629533407Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.63389422Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.642710645Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.654627625Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.657140936Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.66326872Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.671372515Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.68609739Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\ARGYLE.BMP') |
| 2018-12-17T22:46:59.688882081Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.693569493Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.70348476Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.715004399Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.717125393Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.722900049Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.730160951Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.745417679Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CASTLE.BMP') |
| 2018-12-17T22:46:59.747716157Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.753000533Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.761663531Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.772957647Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.774844947Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.779324807Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.788199591Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.801662405Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CHARMAP.HLP') |
| 2018-12-17T22:46:59.803611706Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.808346409Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.817181571Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.829253401Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.830783105Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.835593415Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.843604553Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.857790999Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CHIMES.WAV') |
| 2018-12-17T22:46:59.861354477Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.86609214Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.874951817Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.8873445Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.888943484Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.894687911Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.901929054Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.916644919Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CLIPBRD.HLP') |
| 2018-12-17T22:46:59.919672628Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.923882783Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.933042461Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:46:59.944348289Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:46:59.947743963Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:46:59.952476952Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:46:59.960032238Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:46:59.975231524Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\CLOCK.EXE') |
| 2018-12-17T22:46:59.977349465Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:46:59.982974724Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:46:59.993066686Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.004119509Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.006636342Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.01084164Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.018206581Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.032898613Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\DING.WAV') |
| 2018-12-17T22:47:00.034762971Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.0393713Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.048773191Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.059894628Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.061354311Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.066331223Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.074033574Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.08873392Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\EGYPT.BMP') |
| 2018-12-17T22:47:00.091554071Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.095877795Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.10531199Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.11753372Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.118874893Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.124096226Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.131626068Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.146690548Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\HIMEM.SYS') |
| 2018-12-17T22:47:00.149187639Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.153929139Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.16373686Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.175120922Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.178140972Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.182478086Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.18960698Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.203637169Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\HONEY.BMP') |
| 2018-12-17T22:47:00.206017329Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.211379983Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.219788001Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.230692229Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.232757033Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.236962282Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.245497097Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.259340805Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MPLAYER.HLP') |
| 2018-12-17T22:47:00.261424452Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.26460174Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.272902796Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.284333104Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.285870642Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.291406385Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.298547606Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.313109468Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MSD.INI') |
| 2018-12-17T22:47:00.316079747Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.320436623Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.331579516Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.343505972Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.345560933Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.357610655Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.364780212Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.379809307Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\NOTEPAD.HLP') |
| 2018-12-17T22:47:00.381770034Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.387114376Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.396186656Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.414515303Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.417528445Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.422265855Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.430070547Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.438441277Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PBRUSH.DLL') |
| 2018-12-17T22:47:00.440819141Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.445106047Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.451805643Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.464288088Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.466089873Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.470780491Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.479053473Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.492909478Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\RAMDRIVE.SYS') |
| 2018-12-17T22:47:00.496160822Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.500617552Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.510335854Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.522490684Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.524454075Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.530573981Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.537681426Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.55197507Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\RECORDER.DLL') |
| 2018-12-17T22:47:00.554260567Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.558636895Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.567095501Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.57918084Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.581409244Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.585838409Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.593219418Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.608319166Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\REDBRICK.BMP') |
| 2018-12-17T22:47:00.610743349Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.616612535Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.625132085Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.637718964Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.640561927Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.645400424Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.654094379Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.668365061Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\RIVETS.BMP') |
| 2018-12-17T22:47:00.670962518Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.676708248Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.687091157Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.703515751Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.7048854Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.710854232Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.718293737Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.732145357Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SCRNSAVE.SCR') |
| 2018-12-17T22:47:00.735605689Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.740177315Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.758049572Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.770726565Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.772537439Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.778130694Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.785387061Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.800209083Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SOL.HLP') |
| 2018-12-17T22:47:00.802474749Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.807382276Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.820962471Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.833586635Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.835891559Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.844273593Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.853518395Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.867534165Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SOUNDREC.HLP') |
| 2018-12-17T22:47:00.884730048Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.891014207Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.901375341Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.916624624Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.917937013Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.923585969Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:00.942667251Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:00.961027111Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SQUARES.BMP') |
| 2018-12-17T22:47:00.965339744Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:00.969723776Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:00.979658395Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:00.990960251Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:00.992670495Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:00.997359167Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.004840223Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.019684918Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SSFLYWIN.SCR') |
| 2018-12-17T22:47:01.021762867Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.027191653Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.036371274Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.048200047Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.049667274Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.053988919Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.062956817Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.076296682Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SSMARQUE.SCR') |
| 2018-12-17T22:47:01.095092127Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.100381321Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.118418613Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.12953878Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.13092023Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.135986401Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.143454401Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.158858706Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SSSTARS.SCR') |
| 2018-12-17T22:47:01.161088268Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.166719324Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.175473466Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.186970903Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.189711966Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.19442896Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.202769686Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.216898369Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\TASKMAN.EXE') |
| 2018-12-17T22:47:01.220648736Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.225239214Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.233798188Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.246087461Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.247653599Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.253120108Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.2606388Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.276042318Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\THATCH.BMP') |
| 2018-12-17T22:47:01.278971239Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.284839058Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.294876532Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.306046288Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.308690613Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.313070946Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.321202517Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.335654065Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WININI.WRI') |
| 2018-12-17T22:47:01.338216402Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.344330838Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.354567398Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.367444677Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.369333262Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.378557543Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.386422971Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.401230687Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINMINE.HLP') |
| 2018-12-17T22:47:01.403896898Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.409121925Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.418567132Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.43164255Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.434699587Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.439235374Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.44760037Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.46143158Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINVER.EXE') |
| 2018-12-17T22:47:01.464300866Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.469411342Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.478717627Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.492243125Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.494182438Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.500684217Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.508118782Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.522540636Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\ZIGZAG.BMP') |
| 2018-12-17T22:47:01.524949278Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.529684624Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.539431107Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.550703479Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.553470641Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.559397817Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.568099295Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.582205812Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\_DEFAULT.PIF') |
| 2018-12-17T22:47:01.584654069Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.590752119Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.599335441Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.611855915Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.613721216Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.619844757Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.628661671Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.642334007Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\DOSPRMPT.PIF') |
| 2018-12-17T22:47:01.646282072Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.650618063Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.659855513Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.671655902Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.67439336Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.679049301Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.68082853Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.686817328Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.695373084Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.710543403Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\PROGMAN.INI') |
| 2018-12-17T22:47:01.712606696Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.718110512Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.726915258Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.745281699Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.748523343Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.753470746Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.76329476Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.777525006Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\REG.DAT') |
| 2018-12-17T22:47:01.781257559Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.786546928Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.795182967Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.807791625Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.809661165Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.81325735Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.817598852Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.826530605Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\MAIN.GRP') |
| 2018-12-17T22:47:01.828061485Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.831495343Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.836605961Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.843665934Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.845037298Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.848457327Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.852992147Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.861452713Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\ACCESSOR.GRP') |
| 2018-12-17T22:47:01.86325616Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.866196255Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.872383264Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.878978174Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.88077563Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.883685486Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.888885093Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.897224832Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\GAMES.GRP') |
| 2018-12-17T22:47:01.899501267Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.902336559Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.925110503Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:01.936962686Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:01.940534971Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:01.945450163Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:01.9532322Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:01.969223663Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\STARTUP.GRP') |
| 2018-12-17T22:47:01.971970965Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:01.978578515Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:01.987593686Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.000690843Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.003101028Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.009462056Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.017829159Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.031539523Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\APPLICAT.GRP') |
| 2018-12-17T22:47:02.036381315Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.041307853Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.051092133Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.062991782Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.064965751Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.07085616Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.07837003Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.101180801Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\QBASIC.PIF') |
| 2018-12-17T22:47:02.103202828Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.108995313Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.117624293Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.130435258Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.139116423Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.144474744Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.152395438Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.165905773Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\EDIT.PIF') |
| 2018-12-17T22:47:02.168722236Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.174130479Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.183740745Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.19506405Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.197783744Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.205968288Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.213700249Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.228903217Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\WINFILE.INI') |
| 2018-12-17T22:47:02.231219916Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.236955523Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.246226892Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.25876473Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.260508152Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.265368087Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.27383189Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.28738605Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\DOSAPP.INI') |
| 2018-12-17T22:47:02.290864356Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.295448469Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.305694485Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.317158023Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.318947685Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.323892942Z | 26 | PC: 13bd7 | Set disk transfer address |
| 2018-12-17T22:47:02.325478244Z | 78 | PC: 13be3 | Find first file |
| 2018-12-17T22:47:02.336911155Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.338491961Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.343435703Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.345159368Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.349993088Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.358248386Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.372968929Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\CPWIN386.CPL') |
| 2018-12-17T22:47:02.376163899Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.38080932Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.390319193Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.401103895Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.403343167Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.407722558Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.415543466Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.429175515Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\GDI.EXE') |
| 2018-12-17T22:47:02.432323804Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.437308717Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.447730442Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.459268757Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.460965462Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.467771015Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.475068734Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.490440507Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SETUP.INF') |
| 2018-12-17T22:47:02.493378864Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.499236045Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.508184056Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.520212144Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.523357375Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.52798613Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.536306443Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.551056823Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\USER.EXE') |
| 2018-12-17T22:47:02.55359266Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.559277257Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.567543715Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.580441629Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.582088904Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.587569576Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.594758356Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.608753456Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\CGA40WOA.FON') |
| 2018-12-17T22:47:02.611156914Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.61572621Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.62583109Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.638660618Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.641703466Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.646235162Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.654212621Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.667531944Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\CGA80WOA.FON') |
| 2018-12-17T22:47:02.670800366Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.675135817Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.683308731Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.69463712Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.696247581Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.702013301Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.709659485Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.727819239Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COMM.DRV') |
| 2018-12-17T22:47:02.73022545Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.735653699Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.744597301Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.75616212Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.758941568Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.764079319Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.77272791Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.788078217Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\DOSAPP.FON') |
| 2018-12-17T22:47:02.791486795Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.796691115Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.806759276Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.817613507Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.81887259Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.824220803Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.831197739Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.846708447Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\DOSX.EXE') |
| 2018-12-17T22:47:02.848701392Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.853230263Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.861845265Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.87383495Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.875028475Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.879369904Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.887648689Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.908994837Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\EGA40WOA.FON') |
| 2018-12-17T22:47:02.922535972Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.927029788Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.935834433Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:02.94682085Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:02.948491714Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:02.952946505Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:02.959948376Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:02.973746509Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\KEYBOARD.DRV') |
| 2018-12-17T22:47:02.975831098Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:02.982364681Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:02.990635948Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.003937155Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.005065645Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.010471141Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.01780483Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.032942733Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\KRNL286.EXE') |
| 2018-12-17T22:47:03.0357242Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.041158482Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.052673923Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.063839172Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.066862402Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.071274069Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.079052062Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.092395761Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\KRNL386.EXE') |
| 2018-12-17T22:47:03.096294403Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.101093435Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.110210701Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.12268122Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.124751213Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.130789751Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.135231051Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.14481156Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\LZEXPAND.DLL') |
| 2018-12-17T22:47:03.147171808Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.152838273Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.161185705Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.172578996Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.173899176Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.182674042Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.190279088Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.203771541Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MOUSE.DRV') |
| 2018-12-17T22:47:03.205703168Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.211268595Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.219553331Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.231441157Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.232822546Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.238164408Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.245217797Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.260622397Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VER.DLL') |
| 2018-12-17T22:47:03.262750215Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.267784302Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.27700458Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.289806211Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.291193115Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.296549099Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.30383207Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.31839819Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGA.3GR') |
| 2018-12-17T22:47:03.321567979Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.32589537Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.335755299Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.347739185Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.351314524Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.356134842Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.365581006Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.379672703Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGA.DRV') |
| 2018-12-17T22:47:03.384333782Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.389369485Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.399258383Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.410819021Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.413986092Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.418995593Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.427914949Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.442140837Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGACOLOR.2GR') |
| 2018-12-17T22:47:03.445718152Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.451830133Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.460456903Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.473370406Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.475184046Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.480847627Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.487996497Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.502172046Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGALOGO.RLE') |
| 2018-12-17T22:47:03.504136919Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.508752103Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.517486735Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.528395909Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.52953788Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.533770004Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.540584264Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.554091103Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGAOEM.FON') |
| 2018-12-17T22:47:03.556684437Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.56094782Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.56920018Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.581293539Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.58414544Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.58878886Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.597047379Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.610484671Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGASYS.FON') |
| 2018-12-17T22:47:03.613121231Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.617615667Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.626022565Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.637994042Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.64021249Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.645500905Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.653800358Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.667272352Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WIN.CNF') |
| 2018-12-17T22:47:03.670340283Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.674701473Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.684429567Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.695750407Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.69999233Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.704398899Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.712846575Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.726113981Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WIN87EM.DLL') |
| 2018-12-17T22:47:03.728351315Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.732864731Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.749472654Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.760757316Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.762590167Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.767606933Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.775696431Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.78991778Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\EGA80WOA.FON') |
| 2018-12-17T22:47:03.792264011Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.797393872Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.806087795Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.817504783Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.819399323Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.823955103Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.830992997Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.844645161Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MMSOUND.DRV') |
| 2018-12-17T22:47:03.847149016Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.851236367Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.859263417Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.871344632Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.872934856Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.877910871Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.885273644Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.898675753Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SYSTEM.DRV') |
| 2018-12-17T22:47:03.902386524Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.908377184Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.917461232Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.928668037Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.931135367Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.935763581Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:03.94708466Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:03.961409554Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGAFIX.FON') |
| 2018-12-17T22:47:03.964923448Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:03.969717892Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:03.979993253Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:03.992553303Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:03.994560892Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:03.999388159Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.007440561Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.021295062Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VGALOGO.LGO') |
| 2018-12-17T22:47:04.02496466Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.030175972Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.038877799Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.050998955Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.052784822Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.057429129Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.065113308Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.078896897Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SOUND.DRV') |
| 2018-12-17T22:47:04.081652547Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.096522599Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.106423725Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.117556116Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.119846023Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.12781806Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.135338924Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.149835775Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MAIN.CPL') |
| 2018-12-17T22:47:04.152912081Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.157455674Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.166684805Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.178254515Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.180733754Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.185309771Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.193694347Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.207365198Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\VTDA.386') |
| 2018-12-17T22:47:04.210952636Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.215463659Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.224927605Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.236523305Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.24104527Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.245926382Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.255890808Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.271631347Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WIN386.EXE') |
| 2018-12-17T22:47:04.274673693Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.279316494Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.288628532Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.299897733Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.302454914Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.306883687Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.315008325Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.338947186Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\APPS.INF') |
| 2018-12-17T22:47:04.341493021Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.345742225Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.354516421Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.365303672Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.368738736Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.373043477Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.381175981Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.396070766Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COMMDLG.DLL') |
| 2018-12-17T22:47:04.39924003Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.403559724Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.413654016Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.424672924Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.426699003Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.431913885Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.440385044Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.455065318Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\CONTROL.INF') |
| 2018-12-17T22:47:04.458326561Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.462825813Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.47220036Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.48330878Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.486310433Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.490892396Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.4987234Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.514370865Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\DDEML.DLL') |
| 2018-12-17T22:47:04.517195926Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.521517716Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.529983525Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.540947579Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.542803232Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.547076775Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.554983657Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.574307553Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\DRIVERS.CPL') |
| 2018-12-17T22:47:04.578787933Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.583710829Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.594380227Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.605659357Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.608617409Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.613003277Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.621277808Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.634616399Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\DSWAP.EXE') |
| 2018-12-17T22:47:04.637225008Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.641490623Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.651595233Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.662755129Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.664635141Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.668903699Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.676674622Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.690305568Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MCISEQ.DRV') |
| 2018-12-17T22:47:04.693014134Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.697237133Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.705273024Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.717134335Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.718053714Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.721776205Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.726132328Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.743377227Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MCIWAVE.DRV') |
| 2018-12-17T22:47:04.745658306Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.749880107Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.760337195Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.771432904Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.773866721Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.779045075Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.787647399Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.802464953Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MIDIMAP.DRV') |
| 2018-12-17T22:47:04.806130886Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.810811683Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.819915988Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.832065271Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.834079701Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.838322549Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.84742586Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.86143598Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MMSYSTEM.DLL') |
| 2018-12-17T22:47:04.865389705Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.870052122Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.879415407Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.890432691Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.89412679Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.89885189Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.908070533Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.923081106Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\OLECLI.DLL') |
| 2018-12-17T22:47:04.925642303Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.929114348Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.934354839Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.941717391Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.942708901Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:04.947909874Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:04.955139351Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:04.96831015Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\OLESVR.DLL') |
| 2018-12-17T22:47:04.970237156Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:04.975483028Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:04.985119627Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:04.997312676Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:04.998934297Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.010858746Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.021102768Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.037317251Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SHELL.DLL') |
| 2018-12-17T22:47:05.039649369Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.044479714Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.054526393Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.066970721Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.068708481Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.078812861Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.086199614Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.101932033Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SYSEDIT.EXE') |
| 2018-12-17T22:47:05.104225547Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.108752507Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.117860906Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.130025017Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.132912308Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.137254242Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.144536527Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.159353317Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\TOOLHELP.DLL') |
| 2018-12-17T22:47:05.161780602Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.167601499Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.176133372Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.188187328Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.189650377Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.194785119Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.201554291Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.214854211Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WINOA386.MOD') |
| 2018-12-17T22:47:05.21669193Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.220845204Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.22907206Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.239816725Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.240910193Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.24618781Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.254110286Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.268063063Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WINOLDAP.MOD') |
| 2018-12-17T22:47:05.270119134Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.275002061Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.283825938Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.296962388Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.298884456Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.303903098Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.311838535Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.327584586Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\WSWAP.EXE') |
| 2018-12-17T22:47:05.332048918Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.336585033Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.348803257Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.360595856Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.37048064Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.375035378Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.384993598Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.411660683Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIAL.FOT') |
| 2018-12-17T22:47:05.415001861Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.419577638Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.430365747Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.461455629Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.464899652Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.470313112Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.479002415Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.494895683Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIAL.TTF') |
| 2018-12-17T22:47:05.498603919Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.504078483Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.514699921Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.526491207Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.530045671Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.535451501Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.544534369Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.558449577Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALBD.FOT') |
| 2018-12-17T22:47:05.56229821Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.567204138Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.577117268Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.589530541Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.592951313Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.597613397Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.605932786Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.620446777Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALBD.TTF') |
| 2018-12-17T22:47:05.623151361Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.629593557Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.6385118Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.651335065Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.652952254Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.658790375Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.666168941Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.679775848Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALBI.FOT') |
| 2018-12-17T22:47:05.683565731Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.688169075Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.698077253Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.709633457Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.713273092Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.718252818Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.727575674Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.742125517Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALBI.TTF') |
| 2018-12-17T22:47:05.746410622Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.751277318Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.761646365Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.773319023Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.776596766Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.781238031Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.789367359Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.803481806Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALI.FOT') |
| 2018-12-17T22:47:05.806846704Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.811538049Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.82106366Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.832413941Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.834036817Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.840270085Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.847932486Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.864153416Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ARIALI.TTF') |
| 2018-12-17T22:47:05.866746247Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.872371719Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.880792662Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.892107059Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.893631993Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.899681551Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.906665541Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.920791641Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COUR.FOT') |
| 2018-12-17T22:47:05.922847076Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:05.938101238Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:05.947341109Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:05.966726382Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:05.968069319Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:05.973520651Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:05.98060951Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:05.99421928Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COUR.TTF') |
| 2018-12-17T22:47:05.997477689Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.003426584Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.012976734Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.023790325Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.02503796Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.031056356Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.038263733Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.052837356Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURBD.FOT') |
| 2018-12-17T22:47:06.055214016Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.060310067Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.069519074Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.081073709Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.082375786Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.090543547Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.098990628Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.113319445Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURBD.TTF') |
| 2018-12-17T22:47:06.117401553Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.122472682Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.130984513Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.14268095Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.145229673Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.149655192Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.158046754Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.17229064Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURBI.FOT') |
| 2018-12-17T22:47:06.175410455Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.179619725Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.188782553Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.203533065Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.204757426Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.210277661Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.217437397Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.232332118Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURBI.TTF') |
| 2018-12-17T22:47:06.234559411Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.238940658Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.248270376Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.259524539Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.261815653Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.26703125Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.274349962Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.287565789Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURE.FON') |
| 2018-12-17T22:47:06.289381273Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.298300274Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.306809996Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.318335379Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.319960238Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.32467796Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.334196217Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.34826474Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURI.FOT') |
| 2018-12-17T22:47:06.350608581Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.355125112Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.363500934Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.3752382Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.377075045Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.381446258Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.389614682Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.40397076Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\COURI.TTF') |
| 2018-12-17T22:47:06.407432922Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.4118702Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.42065234Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.44244177Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.444110632Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.450330956Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.457647414Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.473269691Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MIDIMAP.CFG') |
| 2018-12-17T22:47:06.475375951Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.480769664Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.489270266Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.500949296Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.502753649Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.507102125Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.522289091Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.537722186Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MMTASK.TSK') |
| 2018-12-17T22:47:06.539995673Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.544553504Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.555070327Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.570364264Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.57341022Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.577697189Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.585730839Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.600243099Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\MODERN.FON') |
| 2018-12-17T22:47:06.602558698Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.607824373Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.615885187Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.62788031Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.629424192Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.635110577Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.643544014Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.658401582Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\ROMAN.FON') |
| 2018-12-17T22:47:06.660972249Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.665571403Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.675189926Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.686570638Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.688530822Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.693370576Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.700889847Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.715293704Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SCRIPT.FON') |
| 2018-12-17T22:47:06.717598239Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.724062307Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.733393138Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.744886643Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.747779228Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.752231236Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.757279499Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.770880378Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SERIFE.FON') |
| 2018-12-17T22:47:06.773540011Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.77615909Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.785259295Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.797273748Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.800219312Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.804708048Z | 67 | PC: 13b7f | Get or set file attributes |
| 2018-12-17T22:47:06.812280724Z | 60 | PC: 141d6 | Create or truncate file |
| 2018-12-17T22:47:06.826256013Z | 68 | PC: 141ef | I/O control for devices (Set for = 'C:\WINDOWS\SYSTEM\SETUP.REG') |
| 2018-12-17T22:47:06.828619756Z | 64 | PC: 142cd | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:47:06.833994443Z | 62 | PC: 1430c | Close file |
| 2018-12-17T22:47:06.842684847Z | 67 | PC: 13ba6 | Get or set file attributes |
| 2018-12-17T22:47:06.856247705Z | 26 | PC: 13bfb | Set disk transfer address |
| 2018-12-17T22:47:06.857809229Z | 79 | PC: 13c00 | Find next file |
| 2018-12-17T22:47:06.862504643Z | 67 | PC: 13b7f | Get or set file attributes |