
CondorSetupV2.exe.CSV

À propos

Type de fichier
Fichier CSV de 359 Ko (text/plain)
Confidentialité
Fichier public, envoyé le 26 février 2018 à 14:04, depuis l'adresse IP 178.38.x.x (CH)
Sécurité
Ne contient aucun virus ni malware connu - Dernière vérification : 02/06

Aperçu du fichier


"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"13:32:48,8838761","CondorSetupV2.exe","8896","Process Start","","SUCCESS","Parent PID: 8308, Command line: ""H:\Téléchargements\CondorSetupV2.exe"" , Current directory: H:\Téléchargements\, Environment: 
;	=::=::\
;	ALLUSERSPROFILE=C:\ProgramData
;	APPDATA=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Roaming
;	asl.log=Destination=file
;	CommonProgramFiles=C:\Program Files\Common Files
;	CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
;	CommonProgramW6432=C:\Program Files\Common Files
;	COMPUTERNAME=DESKTOP-T5RJH6O
;	ComSpec=C:\WINDOWS\system32\cmd.exe
;	FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer
;	FPS_BROWSER_USER_PROFILE_STRING=Default
;	HOMEDRIVE=C:
;	HOMEPATH=\Users\Michel.DESKTOP-T5RJH6O
;	LOCALAPPDATA=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local
;	LOGONSERVER=\\DESKTOP-T5RJH6O
;	NUMBER_OF_PROCESSORS=4
;	OneDrive=C:\Users\Michel.DESKTOP-T5RJH6O\OneDrive
;	OS=Windows_NT
;	Path=C:\Program Files (x86)\PC Connectivity Solution\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;e:\Program Files (x86)\GNU\GnuPG\pub;E:\Program Files (x86)\Skype\Phone\;E:\Program Files (x86)\AOMEI Backupper;C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Microsoft\WindowsApps;
;	PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
;	PROCESSOR_ARCHITECTURE=AMD64
;	PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
;	PROCESSOR_LEVEL=6
;	PROCESSOR_REVISION=3c03
;	ProgramData=C:\ProgramData
;	ProgramFiles=C:\Program Files
;	ProgramFiles(x86)=C:\Program Files (x86)
;	ProgramW6432=C:\Program Files
;	PSModulePath=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
;	PUBLIC=C:\Users\Public
;	SESSIONNAME=Console
;	SystemDrive=C:
;	SystemRoot=C:\WINDOWS
;	TEMP=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp
;	TMP=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp
;	USERDOMAIN=DESKTOP-T5RJH6O
;	USERDOMAIN_ROAMINGPROFILE=DESKTOP-T5RJH6O
;	USERNAME=Michel
;	USERPROFILE=C:\Users\Michel.DESKTOP-T5RJH6O
;	windir=C:\WINDOWS
;	_JAVA_OPTIONS=-Xmx512M"
"13:32:48,8838807","CondorSetupV2.exe","8896","Thread Create","","SUCCESS","Thread ID: 11024"
"13:32:48,8878258","CondorSetupV2.exe","8896","Load Image","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Image Base: 0x400000, Image Size: 0x16000"
"13:32:48,8881277","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\ntdll.dll","SUCCESS","Image Base: 0x7ffb71c70000, Image Size: 0x1e0000"
"13:32:48,8881748","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\ntdll.dll","SUCCESS","Image Base: 0x779b0000, Image Size: 0x18d000"
"13:32:48,8883152","CondorSetupV2.exe","8896","CreateFile","C:\Windows\Prefetch\CONDORSETUPV2.EXE-F9AA6894.pf","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8883804","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\Prefetch\CONDORSETUPV2.EXE-F9AA6894.pf","SUCCESS","AllocationSize: 12 288, EndOfFile: 8 946, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,8883976","CondorSetupV2.exe","8896","ReadFile","C:\Windows\Prefetch\CONDORSETUPV2.EXE-F9AA6894.pf","SUCCESS","Offset: 0, Length: 8 946, Priority: Normal"
"13:32:48,8885319","CondorSetupV2.exe","8896","CloseFile","C:\Windows\Prefetch\CONDORSETUPV2.EXE-F9AA6894.pf","SUCCESS",""
"13:32:48,8948082","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap","REPARSE","Desired Access: Query Value"
"13:32:48,8948299","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,8948827","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8948945","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8949048","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:48,8949144","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:48,8952118","CondorSetupV2.exe","8896","CreateFile","C:\Windows","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8953440","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\wow64.dll","SUCCESS","Image Base: 0x6c240000, Image Size: 0x51000"
"13:32:48,8954303","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\wow64win.dll","SUCCESS","Image Base: 0x6c2a0000, Image Size: 0x76000"
"13:32:48,8957177","CondorSetupV2.exe","8896","CreateFile","C:\Windows\System32\wow64log.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"13:32:48,8958107","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x24c0000, Image Size: 0xae000"
"13:32:48,8958904","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x76ac0000, Image Size: 0xd0000"
"13:32:48,8960425","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\user32.dll","SUCCESS","Image Base: 0x24c0000, Image Size: 0x18f000"
"13:32:48,8961358","CondorSetupV2.exe","8896","CreateFile","C:\Windows","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8961618","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows","SUCCESS","Name: \Windows"
"13:32:48,8961723","CondorSetupV2.exe","8896","CloseFile","C:\Windows","SUCCESS",""
"13:32:48,8962073","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Wow64\x86","SUCCESS","Desired Access: Read"
"13:32:48,8962264","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Wow64\x86\CondorSetupV2.exe","NAME NOT FOUND","Length: 520"
"13:32:48,8962318","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Wow64\x86\(Default)","SUCCESS","Type: REG_SZ, Length: 26, Data: wow64cpu.dll"
"13:32:48,8962402","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Wow64\x86","SUCCESS",""
"13:32:48,8963048","CondorSetupV2.exe","8896","Load Image","C:\Windows\System32\wow64cpu.dll","SUCCESS","Image Base: 0x6c230000, Image Size: 0xa000"
"13:32:48,8964823","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap","REPARSE","Desired Access: Query Value"
"13:32:48,8964956","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,8965340","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8965412","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8965518","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8965569","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:48,8965651","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:48,8967809","CondorSetupV2.exe","8896","CreateFile","H:\Téléchargements","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8968826","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x76ac0000, Image Size: 0xd0000"
"13:32:48,8969976","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Image Base: 0x771a0000, Image Size: 0x1d7000"
"13:32:48,8975851","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\3c74afb9-8d82-44e3-b52c-365dbf48382a","NAME NOT FOUND","Length: 524"
"13:32:48,8976440","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\05f95efe-7f75-49c7-a994-60a55cc09571","NAME NOT FOUND","Length: 524"
"13:32:48,8978369","CondorSetupV2.exe","8896","CreateFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8978604","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","CreationTime: 26.02.2018 04:32:41, LastAccessTime: 26.02.2018 04:32:41, LastWriteTime: 01.02.2018 17:31:20, ChangeTime: 02.02.2018 07:09:36, FileAttributes: A"
"13:32:48,8978704","CondorSetupV2.exe","8896","CloseFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS",""
"13:32:48,8980095","CondorSetupV2.exe","8896","CreateFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8980494","CondorSetupV2.exe","8896","CreateFileMapping","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,8980720","CondorSetupV2.exe","8896","CreateFileMapping","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,8981242","CondorSetupV2.exe","8896","Load Image","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","Image Base: 0x73940000, Image Size: 0x8d000"
"13:32:48,8982082","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Query Value"
"13:32:48,8982202","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Query Value"
"13:32:48,8982329","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8982386","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
"13:32:48,8982483","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\EMPTY","NAME NOT FOUND","Length: 120"
"13:32:48,8982996","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","REPARSE","Desired Access: Read"
"13:32:48,8983069","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\NLS\Language","SUCCESS","Desired Access: Read"
"13:32:48,8983195","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8983250","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Language\InstallLanguageFallback","BUFFER OVERFLOW","Length: 16"
"13:32:48,8983386","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\Language","SUCCESS",""
"13:32:48,8983473","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","REPARSE","Desired Access: Read"
"13:32:48,8983540","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Desired Access: Read"
"13:32:48,8983636","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8983694","CondorSetupV2.exe","8896","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Index: 0, Name: fr-FR"
"13:32:48,8983787","CondorSetupV2.exe","8896","RegQueryKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS","Query: HandleTags, HandleTags: 0x400"
"13:32:48,8983842","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS","Desired Access: Read"
"13:32:48,8983947","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR\Type","SUCCESS","Type: REG_DWORD, Length: 4, Data: 146"
"13:32:48,8984107","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR\DefaultFallback","SUCCESS","Type: REG_SZ, Length: 12, Data: en-US"
"13:32:48,8984152","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR\en-US","SUCCESS","Type: REG_MULTI_SZ, Length: 4, Data: "
"13:32:48,8984237","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS","Index: 0, Name: DefaultFallback, Type: REG_SZ, Length: 12, Data: en-US"
"13:32:48,8984288","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS","Index: 1, Name: en-US, Type: REG_MULTI_SZ, Length: 4, Data: "
"13:32:48,8984331","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS","Index: 2, Name: LCID, Type: REG_DWORD, Length: 4, Data: 1036"
"13:32:48,8984373","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS","Index: 3, Name: Type, Type: REG_DWORD, Length: 4, Data: 146"
"13:32:48,8984412","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","NO MORE ENTRIES","Index: 4, Length: 512"
"13:32:48,8984463","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR\AlternateCodePage","NAME NOT FOUND","Length: 12"
"13:32:48,8984527","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\fr-FR","SUCCESS",""
"13:32:48,8984575","CondorSetupV2.exe","8896","RegEnumKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","NO MORE ENTRIES","Index: 1, Length: 512"
"13:32:48,8984626","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages","SUCCESS",""
"13:32:48,8984714","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","REPARSE","Desired Access: Read"
"13:32:48,8984792","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\UILanguages\PendingDelete","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8984934","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
"13:32:48,8985022","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8985185","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
"13:32:48,8985420","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8985469","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8985547","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached\MachineLanguageConfiguration","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8985686","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","REPARSE","Desired Access: Read"
"13:32:48,8985749","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","Desired Access: Read"
"13:32:48,8985858","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8985903","CondorSetupV2.exe","8896","RegEnumValue","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
"13:32:48,8985964","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration","SUCCESS",""
"13:32:48,8986012","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,8986093","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
"13:32:48,8986157","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8986250","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
"13:32:48,8986380","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8986426","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8986495","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8986604","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8986646","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8986709","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","Desired Access: Read"
"13:32:48,8986809","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8986851","CondorSetupV2.exe","8896","RegEnumValue","HKCU\Control Panel\Desktop\LanguageConfiguration","NO MORE ENTRIES","Index: 0, Length: 512"
"13:32:48,8986909","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Control Panel\Desktop\LanguageConfiguration","SUCCESS",""
"13:32:48,8986957","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,8987029","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
"13:32:48,8987093","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8987180","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
"13:32:48,8987289","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8987334","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8987398","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Policies\Microsoft\Control Panel\Desktop","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8987482","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8987524","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8987588","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Control Panel\Desktop","SUCCESS","Desired Access: Read"
"13:32:48,8987663","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Control Panel\Desktop","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8987712","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Control Panel\Desktop\PreferredUILanguages","BUFFER OVERFLOW","Length: 12"
"13:32:48,8987787","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Control Panel\Desktop\PreferredUILanguages","SUCCESS","Type: REG_MULTI_SZ, Length: 12, Data: fr-FR"
"13:32:48,8987865","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Control Panel\Desktop","SUCCESS",""
"13:32:48,8987914","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,8987989","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\MUI\Settings","REPARSE","Desired Access: Read"
"13:32:48,8988053","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\MUI\Settings","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8988140","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Maximum Allowed, Granted Access: All Access"
"13:32:48,8988249","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,8988291","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: Name"
"13:32:48,8988355","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","Desired Access: Read"
"13:32:48,8988436","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8988484","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","BUFFER OVERFLOW","Length: 12"
"13:32:48,8988533","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages","SUCCESS","Type: REG_MULTI_SZ, Length: 12, Data: fr-FR"
"13:32:48,8988611","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Control Panel\Desktop\MuiCached","SUCCESS",""
"13:32:48,8988662","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,8989330","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
"13:32:48,8990196","CondorSetupV2.exe","8896","CreateFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,8990570","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS","CreationTime: 26.02.2018 04:32:41, LastAccessTime: 26.02.2018 04:32:41, LastWriteTime: 01.02.2018 17:31:20, ChangeTime: 02.02.2018 07:09:36, FileAttributes: A"
"13:32:48,8991180","CondorSetupV2.exe","8896","CloseFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS",""
"13:32:48,8991974","CondorSetupV2.exe","8896","CloseFile","C:\Program Files\Bitdefender\Bitdefender 2017\atcuf\263239525519876350\atcuf32.dll","SUCCESS",""
"13:32:48,8996007","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8996116","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,8996221","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,8996276","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:48,8996357","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:48,9002214","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE","Desired Access: Query Value, Set Value"
"13:32:48,9002316","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND","Desired Access: Query Value, Set Value"
"13:32:48,9002443","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","REPARSE","Desired Access: Read"
"13:32:48,9002509","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Srp\GP\DLL","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9002633","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers","REPARSE","Desired Access: Query Value"
"13:32:48,9002709","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers","SUCCESS","Desired Access: Query Value"
"13:32:48,9002826","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9002878","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled","NAME NOT FOUND","Length: 80"
"13:32:48,9003001","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS",""
"13:32:48,9003122","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,9003300","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\FileSystem\","REPARSE","Desired Access: Read"
"13:32:48,9003364","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\FileSystem","SUCCESS","Desired Access: Read"
"13:32:48,9003454","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\FileSystem","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9003503","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\FileSystem\LongPathsEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:48,9003596","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\FileSystem","SUCCESS",""
"13:32:48,9005262","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\user32.dll","SUCCESS","Image Base: 0x76550000, Image Size: 0x175000"
"13:32:48,9005585","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\user32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9005739","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\user32.dll","SUCCESS","Name: \Windows\SysWOW64\user32.dll"
"13:32:48,9006781","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\win32u.dll","SUCCESS","Image Base: 0x74670000, Image Size: 0x16000"
"13:32:48,9007062","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\win32u.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9007179","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\win32u.dll","SUCCESS","Name: \Windows\SysWOW64\win32u.dll"
"13:32:48,9008212","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\gdi32.dll","SUCCESS","Image Base: 0x74f20000, Image Size: 0x22000"
"13:32:48,9008417","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\gdi32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9008526","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\gdi32.dll","SUCCESS","Name: \Windows\SysWOW64\gdi32.dll"
"13:32:48,9009386","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\gdi32full.dll","SUCCESS","Image Base: 0x743f0000, Image Size: 0x15e000"
"13:32:48,9009612","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\gdi32full.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9009733","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\gdi32full.dll","SUCCESS","Name: \Windows\SysWOW64\gdi32full.dll"
"13:32:48,9010509","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\msvcp_win.dll","SUCCESS","Image Base: 0x745e0000, Image Size: 0x7c000"
"13:32:48,9010702","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msvcp_win.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9010808","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msvcp_win.dll","SUCCESS","Name: \Windows\SysWOW64\msvcp_win.dll"
"13:32:48,9011532","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\ucrtbase.dll","SUCCESS","Image Base: 0x74be0000, Image Size: 0x117000"
"13:32:48,9011653","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\ucrtbase.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9011759","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\ucrtbase.dll","SUCCESS","Name: \Windows\SysWOW64\ucrtbase.dll"
"13:32:48,9013286","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","Image Base: 0x75010000, Image Size: 0x93000"
"13:32:48,9013455","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\oleaut32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9013561","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","Name: \Windows\SysWOW64\oleaut32.dll"
"13:32:48,9014065","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9014162","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9014258","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9014313","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:48,9014400","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:48,9015034","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\combase.dll","SUCCESS","Image Base: 0x76860000, Image Size: 0x246000"
"13:32:48,9015215","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\combase.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9015324","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\combase.dll","SUCCESS","Name: \Windows\SysWOW64\combase.dll"
"13:32:48,9016151","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\rpcrt4.dll","SUCCESS","Image Base: 0x74f50000, Image Size: 0xbe000"
"13:32:48,9016402","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\rpcrt4.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9016507","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\rpcrt4.dll","SUCCESS","Name: \Windows\SysWOW64\rpcrt4.dll"
"13:32:48,9017464","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\sspicli.dll","SUCCESS","Image Base: 0x743d0000, Image Size: 0x20000"
"13:32:48,9017615","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\sspicli.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9017727","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\sspicli.dll","SUCCESS","Name: \Windows\SysWOW64\sspicli.dll"
"13:32:48,9018448","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\cryptbase.dll","SUCCESS","Image Base: 0x743c0000, Image Size: 0xa000"
"13:32:48,9018584","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\cryptbase.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9018687","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\cryptbase.dll","SUCCESS","Name: \Windows\SysWOW64\cryptbase.dll"
"13:32:48,9019731","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\bcryptprimitives.dll","SUCCESS","Image Base: 0x76b90000, Image Size: 0x57000"
"13:32:48,9019894","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\bcryptprimitives.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9020009","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\bcryptprimitives.dll","SUCCESS","Name: \Windows\SysWOW64\bcryptprimitives.dll"
"13:32:48,9020993","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Image Base: 0x76470000, Image Size: 0x43000"
"13:32:48,9021150","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\sechost.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9021256","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\sechost.dll","SUCCESS","Name: \Windows\SysWOW64\sechost.dll"
"13:32:48,9022982","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\advapi32.dll","SUCCESS","Image Base: 0x74e60000, Image Size: 0x78000"
"13:32:48,9023194","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\advapi32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9023302","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\advapi32.dll","SUCCESS","Name: \Windows\SysWOW64\advapi32.dll"
"13:32:48,9024211","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\msvcrt.dll","SUCCESS","Image Base: 0x770c0000, Image Size: 0xbd000"
"13:32:48,9024413","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msvcrt.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9024519","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msvcrt.dll","SUCCESS","Name: \Windows\SysWOW64\msvcrt.dll"
"13:32:48,9025340","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots","NAME NOT FOUND","Desired Access: Enumerate Sub Keys"
"13:32:48,9025992","CondorSetupV2.exe","8896","QueryOpen","H:\Téléchargements\CondorSetupV2.exe.Local","NAME NOT FOUND",""
"13:32:48,9027024","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9036029","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9036271","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","CreationTime: 14.02.2018 01:31:22, LastAccessTime: 14.02.2018 01:31:22, LastWriteTime: 10.02.2018 06:05:58, ChangeTime: 14.02.2018 01:34:27, FileAttributes: A"
"13:32:48,9036370","CondorSetupV2.exe","8896","CloseFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS",""
"13:32:48,9037285","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9037632","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9037853","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9038357","CondorSetupV2.exe","8896","Load Image","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","Image Base: 0x74180000, Image Size: 0x211000"
"13:32:48,9038553","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9038680","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS","Name: \Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll"
"13:32:48,9039981","CondorSetupV2.exe","8896","CloseFile","C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.16299.248_none_5d7c08dba7db7edd\comctl32.dll","SUCCESS",""
"13:32:48,9042580","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","REPARSE","Desired Access: Read"
"13:32:48,9042713","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","Desired Access: Read"
"13:32:48,9042852","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9042915","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\(Default)","SUCCESS","Type: REG_SZ, Length: 18, Data: 0006020E"
"13:32:48,9047745","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9048062","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:36, FileAttributes: A"
"13:32:48,9048165","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
"13:32:48,9049680","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9050109","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9050220","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","AllocationSize: 143 360, EndOfFile: 143 152, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9050380","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\imm32.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9050791","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
"13:32:48,9051784","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Image Base: 0x745b0000, Image Size: 0x25000"
"13:32:48,9051971","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\imm32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9052095","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Name: \Windows\SysWOW64\imm32.dll"
"13:32:48,9053239","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","REPARSE","Desired Access: Query Value"
"13:32:48,9053357","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","Desired Access: Query Value"
"13:32:48,9053481","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9053541","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:48,9053653","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","REPARSE","Desired Access: Query Value"
"13:32:48,9053722","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","Desired Access: Query Value"
"13:32:48,9053801","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9053852","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","NAME NOT FOUND","Length: 20"
"13:32:48,9053909","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:48,9054024","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy","SUCCESS",""
"13:32:48,9054099","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Lsa","SUCCESS",""
"13:32:48,9054184","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","REPARSE","Desired Access: Query Value"
"13:32:48,9054259","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,9054875","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\a6d3c9ac-9128-522a-495a-1821191173c2","NAME NOT FOUND","Length: 524"
"13:32:48,9056116","CondorSetupV2.exe","8896","RegOpenKey","HKLM","SUCCESS","Desired Access: Maximum Allowed, Granted Access: Read"
"13:32:48,9056294","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9056354","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9056454","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\OLE","REPARSE","Desired Access: Read"
"13:32:48,9056638","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","Desired Access: Read"
"13:32:48,9056723","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9056780","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Ole\PageAllocatorUseSystemHeap","NAME NOT FOUND","Length: 144"
"13:32:48,9056934","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS",""
"13:32:48,9057016","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9057061","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9057142","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\OLE","REPARSE","Desired Access: Read"
"13:32:48,9057218","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","Desired Access: Read"
"13:32:48,9057281","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9057336","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Ole\PageAllocatorSystemHeapIsPrivate","NAME NOT FOUND","Length: 144"
"13:32:48,9057420","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS",""
"13:32:48,9057483","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9057526","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9057595","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\OLE","REPARSE","Desired Access: Read"
"13:32:48,9057662","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","Desired Access: Read"
"13:32:48,9057719","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9057770","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Ole\AggressiveMTATesting","NAME NOT FOUND","Length: 144"
"13:32:48,9057852","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Ole","SUCCESS",""
"13:32:48,9058205","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9058259","CondorSetupV2.exe","8896","RegOpenKey","HKLM","SUCCESS","Desired Access: Read"
"13:32:48,9058335","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9058407","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x100"
"13:32:48,9058456","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Ole\FeatureDevelopmentProperties","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9058576","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x100"
"13:32:48,9058625","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Ole\FeatureDevelopmentProperties","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9058709","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x100"
"13:32:48,9058754","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Ole","SUCCESS","Desired Access: Read"
"13:32:48,9059772","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
"13:32:48,9059911","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9060010","CondorSetupV2.exe","8896","RegQueryKey","HKCU","SUCCESS","Query: HandleTags, HandleTags: 0x100"
"13:32:48,9060077","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings","REPARSE","Desired Access: Read"
"13:32:48,9060182","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings","SUCCESS","Desired Access: Read"
"13:32:48,9060318","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,9060418","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9060466","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: Name"
"13:32:48,9060557","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings\Software\Microsoft\Ole\FeatureDevelopmentProperties","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9060662","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9060704","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: Name"
"13:32:48,9060774","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings\Software\Microsoft\Ole\FeatureDevelopmentProperties","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9060861","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9060901","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: Name"
"13:32:48,9060967","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings\Software\Microsoft\Ole","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9061043","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9061082","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Classes\Local Settings","SUCCESS","Query: Name"
"13:32:48,9061148","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Classes\Local Settings\Software\Microsoft","SUCCESS","Desired Access: Read"
"13:32:48,9061224","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Classes\Local Settings\Software\Microsoft","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9061867","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9061909","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9061993","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\OLE\Tracing","REPARSE","Desired Access: Read"
"13:32:48,9062081","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole\Tracing","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9062455","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\1aff6089-e863-4d36-bdfd-3581f07440be","NAME NOT FOUND","Length: 524"
"13:32:48,9062884","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\f0558438-f56a-5987-47da-040ca75aef05","NAME NOT FOUND","Length: 524"
"13:32:48,9065317","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9065610","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:36, FileAttributes: A"
"13:32:48,9065710","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
"13:32:48,9067548","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9067789","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:36, FileAttributes: A"
"13:32:48,9067874","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\imm32.dll","SUCCESS",""
"13:32:48,9068318","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\f25bcd2e-2690-55dc-3bc4-07b65b1b41c9","NAME NOT FOUND","Length: 524"
"13:32:48,9068617","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Display","REPARSE","Desired Access: Read"
"13:32:48,9068716","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Display","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9068846","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9069015","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9069100","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9069193","CondorSetupV2.exe","8896","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Query: HandleTags, HandleTags: 0x400"
"13:32:48,9069250","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CondorSetupV2.exe","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9069420","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Display","REPARSE","Desired Access: Read"
"13:32:48,9069483","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Display","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9069631","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","REPARSE","Desired Access: Read"
"13:32:48,9069755","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","Desired Access: Read"
"13:32:48,9069824","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9069887","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles","NAME NOT FOUND","Length: 20"
"13:32:48,9070002","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize","SUCCESS",""
"13:32:48,9070307","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Control Panel\Desktop","SUCCESS","Desired Access: Read"
"13:32:48,9070431","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Control Panel\Desktop\EnablePerProcessSystemDPI","NAME NOT FOUND","Length: 520"
"13:32:48,9070558","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Control Panel\Desktop","SUCCESS",""
"13:32:48,9071349","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS","Desired Access: Read"
"13:32:48,9071512","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32\CondorSetupV2","NAME NOT FOUND","Length: 172"
"13:32:48,9071602","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Compatibility32","SUCCESS",""
"13:32:48,9071684","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\IME Compatibility","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9076046","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9076145","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9076290","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","Desired Access: Read"
"13:32:48,9076444","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9076526","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:48,9076652","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
"13:32:48,9077543","CondorSetupV2.exe","8896","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Query: HandleTags, HandleTags: 0x400"
"13:32:48,9077618","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CondorSetupV2.exe","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9081824","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9082053","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9082153","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9083997","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9084284","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","CreationTime: 03.02.2018 07:12:20, LastAccessTime: 03.02.2018 07:12:20, LastWriteTime: 01.01.2018 12:42:32, ChangeTime: 14.02.2018 01:34:27, FileAttributes: A"
"13:32:48,9084374","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
"13:32:48,9085165","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9085549","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9085648","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","AllocationSize: 1 003 520, EndOfFile: 1 003 152, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9085793","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\ole32.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9086288","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS",""
"13:32:48,9086762","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9086820","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9086931","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\OLEAUT","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,9090140","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9090342","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9090430","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9092196","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WindowsShell.Manifest","SUCCESS","Desired Access: Generic Read/Execute, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9092531","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WindowsShell.Manifest","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9092622","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\WindowsShell.Manifest","SUCCESS","AllocationSize: 4 096, EndOfFile: 670, NumberOfLinks: 3, DeletePending: False, Directory: False"
"13:32:48,9092778","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WindowsShell.Manifest","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9093077","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9093222","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\WindowsShell.Manifest","SUCCESS","AllocationSize: 4 096, EndOfFile: 670, NumberOfLinks: 3, DeletePending: False, Directory: False"
"13:32:48,9093313","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\WindowsShell.Manifest","SUCCESS","CreationTime: 29.09.2017 14:41:58, LastAccessTime: 29.09.2017 14:41:58, LastWriteTime: 29.09.2017 14:41:58, ChangeTime: 16.02.2018 21:18:33, FileAttributes: RHA"
"13:32:48,9093865","CondorSetupV2.exe","8896","CloseFile","C:\Windows\WindowsShell.Manifest","SUCCESS",""
"13:32:48,9095360","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","REPARSE","Desired Access: Read"
"13:32:48,9095465","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","Desired Access: Read"
"13:32:48,9095580","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9095637","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale\fr-CH","NAME NOT FOUND","Length: 532"
"13:32:48,9095734","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\CustomLocale","SUCCESS",""
"13:32:48,9095815","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","REPARSE","Desired Access: Read"
"13:32:48,9095885","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","Desired Access: Read"
"13:32:48,9095975","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9096030","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale\fr-CH","NAME NOT FOUND","Length: 532"
"13:32:48,9096105","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Nls\ExtendedLocale","SUCCESS",""
"13:32:48,9097859","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\shell32.dll","SUCCESS","Image Base: 0x750b0000, Image Size: 0x1333000"
"13:32:48,9098146","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\shell32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9098291","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\shell32.dll","SUCCESS","Name: \Windows\SysWOW64\shell32.dll"
"13:32:48,9099948","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\cfgmgr32.dll","SUCCESS","Image Base: 0x74ee0000, Image Size: 0x38000"
"13:32:48,9100193","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\cfgmgr32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9100337","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\cfgmgr32.dll","SUCCESS","Name: \Windows\SysWOW64\cfgmgr32.dll"
"13:32:48,9101765","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\SHCore.dll","SUCCESS","Image Base: 0x764c0000, Image Size: 0x88000"
"13:32:48,9101971","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\SHCore.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9102100","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\SHCore.dll","SUCCESS","Name: \Windows\SysWOW64\SHCore.dll"
"13:32:48,9103429","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\windows.storage.dll","SUCCESS","Image Base: 0x773e0000, Image Size: 0x5c6000"
"13:32:48,9103634","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\windows.storage.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9103755","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\windows.storage.dll","SUCCESS","Name: \Windows\SysWOW64\windows.storage.dll"
"13:32:48,9104992","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\shlwapi.dll","SUCCESS","Image Base: 0x76ea0000, Image Size: 0x45000"
"13:32:48,9105237","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\shlwapi.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9105379","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\shlwapi.dll","SUCCESS","Name: \Windows\SysWOW64\shlwapi.dll"
"13:32:48,9106653","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\kernel.appcore.dll","SUCCESS","Image Base: 0x773d0000, Image Size: 0xe000"
"13:32:48,9106840","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\kernel.appcore.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9106957","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\kernel.appcore.dll","SUCCESS","Name: \Windows\SysWOW64\kernel.appcore.dll"
"13:32:48,9108014","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\powrprof.dll","SUCCESS","Image Base: 0x76e40000, Image Size: 0x45000"
"13:32:48,9108174","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\powrprof.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9108286","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\powrprof.dll","SUCCESS","Name: \Windows\SysWOW64\powrprof.dll"
"13:32:48,9109306","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\profapi.dll","SUCCESS","Image Base: 0x76450000, Image Size: 0x14000"
"13:32:48,9109448","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\profapi.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9109560","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\profapi.dll","SUCCESS","Name: \Windows\SysWOW64\profapi.dll"
"13:32:48,9118009","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9118254","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9118353","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9120874","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9121118","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9121227","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9123884","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9124071","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9124182","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9127488","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\30336ed4-e327-447c-9de0-51b652c86108","NAME NOT FOUND","Length: 524"
"13:32:48,9128031","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\b87cf16b-0bf8-4492-a510-d5f59626b033","NAME NOT FOUND","Length: 524"
"13:32:48,9128369","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\a40b455c-253c-4311-ac6d-6e667edccefc","NAME NOT FOUND","Length: 524"
"13:32:48,9128656","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\703fcc13-b66f-5868-ddd9-e2db7f381ffb","NAME NOT FOUND","Length: 524"
"13:32:48,9128928","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\32980f26-c8f5-5767-6b26-635b3fa83c61","NAME NOT FOUND","Length: 524"
"13:32:48,9130787","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9130978","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9131071","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9133586","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\30336ed4-e327-447c-9de0-51b652c86108","NAME NOT FOUND","Length: 524"
"13:32:48,9133918","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\b87cf16b-0bf8-4492-a510-d5f59626b033","NAME NOT FOUND","Length: 524"
"13:32:48,9134202","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\32980f26-c8f5-5767-6b26-635b3fa83c61","NAME NOT FOUND","Length: 524"
"13:32:48,9134467","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\703fcc13-b66f-5868-ddd9-e2db7f381ffb","NAME NOT FOUND","Length: 524"
"13:32:48,9134917","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","REPARSE","Desired Access: Read"
"13:32:48,9135041","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","Desired Access: Read"
"13:32:48,9135204","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9135261","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\CMF\Config\SYSTEM","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:48,9135367","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\CMF\Config","SUCCESS",""
"13:32:48,9136221","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\fr-FR\KernelBase.dll.mui","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9136644","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\fr-FR\KernelBase.dll.mui","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9136743","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\fr-FR\KernelBase.dll.mui","SUCCESS","AllocationSize: 1 126 400, EndOfFile: 1 123 840, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9136888","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\fr-FR\KernelBase.dll.mui","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9138648","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9138932","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:39, FileAttributes: A"
"13:32:48,9139110","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS",""
"13:32:48,9140417","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9140867","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\netmsg.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9141048","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS","AllocationSize: 4 096, EndOfFile: 2 560, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9141247","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\netmsg.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9141543","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\netmsg.dll","SUCCESS",""
"13:32:48,9142560","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\fr-FR\netmsg.dll.mui","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9142917","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\fr-FR\netmsg.dll.mui","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9142995","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\fr-FR\netmsg.dll.mui","SUCCESS","AllocationSize: 237 568, EndOfFile: 236 544, NumberOfLinks: 4, DeletePending: False, Directory: False"
"13:32:48,9143128","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\System32\fr-FR\netmsg.dll.mui","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9144764","CondorSetupV2.exe","8896","CreateFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9145238","CondorSetupV2.exe","8896","QueryStandardInformationFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","AllocationSize: 636 301 312, EndOfFile: 636 299 576, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,9145304","CondorSetupV2.exe","8896","QueryStandardInformationFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","AllocationSize: 636 301 312, EndOfFile: 636 299 576, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,9145383","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 852 119, Length: 64, Priority: Normal"
"13:32:48,9145721","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 852 183, Length: 4"
"13:32:48,9145806","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 852 187, Length: 5"
"13:32:48,9145890","CondorSetupV2.exe","8896","QueryStandardInformationFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","AllocationSize: 636 301 312, EndOfFile: 636 299 576, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,9146168","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 852 192, Length: 4"
"13:32:48,9146237","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 852 196, Length: 4 096"
"13:32:48,9146898","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 856 292, Length: 4"
"13:32:48,9146971","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 856 296, Length: 4 096"
"13:32:48,9147155","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 860 392, Length: 4"
"13:32:48,9147212","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 860 396, Length: 4 096"
"13:32:48,9147390","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 864 492, Length: 4"
"13:32:48,9147451","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 864 496, Length: 4 096"
"13:32:48,9147629","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 868 592, Length: 4"
"13:32:48,9147686","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 868 596, Length: 4 096"
"13:32:48,9147867","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 872 692, Length: 4"
"13:32:48,9147922","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 872 696, Length: 4 096"
"13:32:48,9148103","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 876 792, Length: 4"
"13:32:48,9148160","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 876 796, Length: 4 096"
"13:32:48,9148341","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 880 892, Length: 4"
"13:32:48,9148399","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 880 896, Length: 4 096"
"13:32:48,9148577","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 884 992, Length: 4"
"13:32:48,9148634","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 884 996, Length: 4 096"
"13:32:48,9148812","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 889 092, Length: 4"
"13:32:48,9148870","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 889 096, Length: 4 096"
"13:32:48,9149048","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 893 192, Length: 4"
"13:32:48,9149108","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 893 196, Length: 4 096"
"13:32:48,9149289","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 897 292, Length: 4"
"13:32:48,9149347","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 897 296, Length: 4 096"
"13:32:48,9149525","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 901 392, Length: 4"
"13:32:48,9149579","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 901 396, Length: 4 096"
"13:32:48,9149757","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 905 492, Length: 4"
"13:32:48,9149814","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 905 496, Length: 4 096"
"13:32:48,9150137","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 909 592, Length: 4"
"13:32:48,9150282","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 909 596, Length: 4 096"
"13:32:48,9150500","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 913 692, Length: 4"
"13:32:48,9150557","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 913 696, Length: 4 096"
"13:32:48,9150741","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 917 792, Length: 4"
"13:32:48,9150802","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 635 917 796, Length: 4 096"
"13:32:48,9216480","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9216731","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp","SUCCESS","CreationTime: 19.01.2018 05:11:13, LastAccessTime: 26.02.2018 13:31:41, LastWriteTime: 26.02.2018 13:31:41, ChangeTime: 26.02.2018 13:31:41, FileAttributes: D"
"13:32:48,9217337","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp","SUCCESS",""
"13:32:48,9219022","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"13:32:48,9220115","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0, OpenResult: Created"
"13:32:48,9221763","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp","SUCCESS",""
"13:32:48,9223631","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: , Attributes: N, ShareMode: Read, AllocationSize: n/a"
"13:32:48,9223985","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Desired Access: Generic Write, Read Attributes, Disposition: OverwriteIf, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: None, AllocationSize: 0, OpenResult: Created"
"13:32:48,9227381","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 053 231, Length: 4"
"13:32:48,9227562","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 053 235, Length: 5"
"13:32:48,9227677","CondorSetupV2.exe","8896","QueryStandardInformationFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","AllocationSize: 636 301 312, EndOfFile: 636 299 576, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,9228033","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 053 240, Length: 4"
"13:32:48,9228105","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 053 244, Length: 4 096"
"13:32:48,9228585","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 057 340, Length: 4"
"13:32:48,9228652","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 057 344, Length: 4 096"
"13:32:48,9228842","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 061 440, Length: 4"
"13:32:48,9228899","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 061 444, Length: 4 096"
"13:32:48,9229080","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 065 540, Length: 4"
"13:32:48,9229138","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 065 544, Length: 4 096"
"13:32:48,9229316","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 069 640, Length: 4"
"13:32:48,9229373","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 069 644, Length: 4 096"
"13:32:48,9229554","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 073 740, Length: 4"
"13:32:48,9229612","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 073 744, Length: 4 096"
"13:32:48,9229790","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 077 840, Length: 4"
"13:32:48,9229847","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 077 844, Length: 4 096"
"13:32:48,9230037","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 081 940, Length: 4"
"13:32:48,9230098","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 081 944, Length: 4 096"
"13:32:48,9230279","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 086 040, Length: 4"
"13:32:48,9230336","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 086 044, Length: 4 096"
"13:32:48,9230514","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 090 140, Length: 4"
"13:32:48,9230572","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 090 144, Length: 4 096"
"13:32:48,9230753","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 094 240, Length: 4"
"13:32:48,9230810","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 094 244, Length: 4 096"
"13:32:48,9230988","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 098 340, Length: 4"
"13:32:48,9231042","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 098 344, Length: 4 096"
"13:32:48,9231224","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 102 440, Length: 4"
"13:32:48,9231281","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 102 444, Length: 4 096"
"13:32:48,9231459","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 106 540, Length: 4"
"13:32:48,9231513","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 106 544, Length: 4 096"
"13:32:48,9231691","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 110 640, Length: 4"
"13:32:48,9231749","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 110 644, Length: 4 096"
"13:32:48,9231930","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 114 740, Length: 4"
"13:32:48,9231987","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 114 744, Length: 4 096"
"13:32:48,9232165","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 118 840, Length: 4"
"13:32:48,9232223","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 118 844, Length: 4 096"
"13:32:48,9292443","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 122 940, Length: 4"
"13:32:48,9292640","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 122 944, Length: 4 096"
"13:32:48,9292872","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 127 040, Length: 4"
"13:32:48,9292948","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 127 044, Length: 4 096"
"13:32:48,9293144","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 131 140, Length: 4"
"13:32:48,9293204","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 131 144, Length: 4 096"
"13:32:48,9293391","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 135 240, Length: 4"
"13:32:48,9293458","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 135 244, Length: 4 096"
"13:32:48,9293642","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 139 340, Length: 4"
"13:32:48,9293699","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 139 344, Length: 4 096"
"13:32:48,9293883","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 143 440, Length: 4"
"13:32:48,9293944","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 143 444, Length: 4 096"
"13:32:48,9294128","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 147 540, Length: 4"
"13:32:48,9294188","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 147 544, Length: 4 096"
"13:32:48,9294369","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 151 640, Length: 4"
"13:32:48,9294427","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 151 644, Length: 4 096"
"13:32:48,9294608","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 155 740, Length: 4"
"13:32:48,9294668","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 155 744, Length: 4 096"
"13:32:48,9294855","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 159 840, Length: 4"
"13:32:48,9294913","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 159 844, Length: 4 096"
"13:32:48,9295094","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 163 940, Length: 4"
"13:32:48,9295154","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 163 944, Length: 4 096"
"13:32:48,9295335","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 168 040, Length: 4"
"13:32:48,9295390","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 168 044, Length: 4 096"
"13:32:48,9295571","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 172 140, Length: 4"
"13:32:48,9295625","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 172 144, Length: 4 096"
"13:32:48,9295806","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 176 240, Length: 4"
"13:32:48,9295864","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 176 244, Length: 4 096"
"13:32:48,9296045","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 180 340, Length: 4"
"13:32:48,9296102","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 180 344, Length: 4 096"
"13:32:48,9296283","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 184 440, Length: 4"
"13:32:48,9296341","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 184 444, Length: 4 096"
"13:32:48,9361026","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 188 540, Length: 4"
"13:32:48,9361195","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 188 544, Length: 4 096"
"13:32:48,9361434","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 192 640, Length: 4"
"13:32:48,9361509","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 192 644, Length: 4 096"
"13:32:48,9361711","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 196 740, Length: 4"
"13:32:48,9361775","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 196 744, Length: 4 096"
"13:32:48,9361959","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 200 840, Length: 4"
"13:32:48,9362022","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 200 844, Length: 4 096"
"13:32:48,9362206","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 204 940, Length: 4"
"13:32:48,9362267","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 204 944, Length: 4 096"
"13:32:48,9362451","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 209 040, Length: 4"
"13:32:48,9362508","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 209 044, Length: 4 096"
"13:32:48,9362689","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 213 140, Length: 4"
"13:32:48,9362747","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 213 144, Length: 4 096"
"13:32:48,9362931","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 217 240, Length: 4"
"13:32:48,9362988","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 217 244, Length: 4 096"
"13:32:48,9363169","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 221 340, Length: 4"
"13:32:48,9363227","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 221 344, Length: 4 096"
"13:32:48,9363444","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 225 440, Length: 4"
"13:32:48,9363507","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 225 444, Length: 4 096"
"13:32:48,9363689","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 229 540, Length: 4"
"13:32:48,9363749","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 229 544, Length: 4 096"
"13:32:48,9363930","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 233 640, Length: 4"
"13:32:48,9363984","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 233 644, Length: 4 096"
"13:32:48,9364169","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 237 740, Length: 4"
"13:32:48,9364226","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 237 744, Length: 4 096"
"13:32:48,9364407","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 241 840, Length: 4"
"13:32:48,9364464","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 241 844, Length: 4 096"
"13:32:48,9364649","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 245 940, Length: 4"
"13:32:48,9364709","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 245 944, Length: 4 096"
"13:32:48,9364890","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 250 040, Length: 4"
"13:32:48,9364950","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 250 044, Length: 4 096"
"13:32:48,9427800","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 254 140, Length: 4"
"13:32:48,9427985","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 254 144, Length: 4 096"
"13:32:48,9428226","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 258 240, Length: 4"
"13:32:48,9428292","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 258 244, Length: 4 096"
"13:32:48,9428483","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 262 340, Length: 4"
"13:32:48,9428543","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 262 344, Length: 4 096"
"13:32:48,9428727","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 266 440, Length: 4"
"13:32:48,9428788","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 266 444, Length: 4 096"
"13:32:48,9428975","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 270 540, Length: 4"
"13:32:48,9429168","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 270 544, Length: 4 096"
"13:32:48,9429446","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 274 640, Length: 4"
"13:32:48,9429527","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 274 644, Length: 4 096"
"13:32:48,9429720","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 278 740, Length: 4"
"13:32:48,9429778","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 278 744, Length: 4 096"
"13:32:48,9429962","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 282 840, Length: 4"
"13:32:48,9430019","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 282 844, Length: 4 096"
"13:32:48,9430282","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 286 940, Length: 4"
"13:32:48,9430345","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 286 944, Length: 4 096"
"13:32:48,9430529","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 291 040, Length: 4"
"13:32:48,9430587","CondorSetupV2.exe","8896","ReadFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Offset: 636 291 044, Length: 2 823"
"13:32:48,9500008","CondorSetupV2.exe","8896","SetEndOfFileInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","EndOfFile: 718 848"
"13:32:48,9501400","CondorSetupV2.exe","8896","SetAllocationInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","AllocationSize: 718 848"
"13:32:48,9501717","CondorSetupV2.exe","8896","WriteFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Offset: 0, Length: 718 848, Priority: Normal"
"13:32:48,9505210","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS",""
"13:32:48,9658317","CondorSetupV2.exe","8896","CloseFile","H:\Téléchargements\CondorSetupV2.exe","SUCCESS",""
"13:32:48,9660231","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\000602xx","SUCCESS","Type: REG_SZ, Length: 26, Data: kernel32.dll"
"13:32:48,9661396","CondorSetupV2.exe","8896","CreateFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9661803","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:48,9661906","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","AllocationSize: 3 371 008, EndOfFile: 3 368 788, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9662051","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9662356","CondorSetupV2.exe","8896","CloseFile","C:\Windows\Globalization\Sorting\SortDefault.nls","SUCCESS",""
"13:32:48,9662872","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids","REPARSE","Desired Access: Read"
"13:32:48,9663014","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids","SUCCESS","Desired Access: Read"
"13:32:48,9663174","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9663237","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids\fr-CH","NAME NOT FOUND","Length: 90"
"13:32:48,9663325","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids\fr","SUCCESS","Type: REG_SZ, Length: 78, Data: {00000003-57EE-1E5C-00B4-D0000BB1E11E}"
"13:32:48,9666301","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9666642","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","CreationTime: 29.09.2017 14:42:25, LastAccessTime: 29.09.2017 14:42:25, LastWriteTime: 29.09.2017 14:42:25, ChangeTime: 19.01.2018 04:59:42, FileAttributes: A"
"13:32:48,9666772","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS",""
"13:32:48,9667841","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9668264","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\uxtheme.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9668493","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9669314","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","Image Base: 0x70800000, Image Size: 0x79000"
"13:32:48,9669580","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\uxtheme.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9669728","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS","Name: \Windows\SysWOW64\uxtheme.dll"
"13:32:48,9671611","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\uxtheme.dll","SUCCESS",""
"13:32:48,9674262","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9674479","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9674579","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9677833","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\msctf.dll","SUCCESS","Image Base: 0x74d10000, Image Size: 0x144000"
"13:32:48,9678056","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msctf.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9678210","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msctf.dll","SUCCESS","Name: \Windows\SysWOW64\msctf.dll"
"13:32:48,9681797","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9682017","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9682126","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9683789","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","CreationTime: 15.08.2013 17:36:44, LastAccessTime: 19.01.2018 07:10:32, LastWriteTime: 15.08.2013 17:36:44, ChangeTime: 19.01.2018 07:10:32, AllocationSize: 1 994 752, EndOfFile: 1 993 728, FileAttributes: A"
"13:32:48,9684215","CondorSetupV2.exe","8896","CreateFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9684535","CondorSetupV2.exe","8896","CreateFileMapping","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9684737","CondorSetupV2.exe","8896","CreateFileMapping","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9685507","CondorSetupV2.exe","8896","Load Image","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","Image Base: 0x77e00000, Image Size: 0x1f4000"
"13:32:48,9685694","CondorSetupV2.exe","8896","QueryNameInformationFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","BUFFER OVERFLOW","Name: \Progr"
"13:32:48,9685845","CondorSetupV2.exe","8896","QueryNameInformationFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","Name: \Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll"
"13:32:48,9686494","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9687100","CondorSetupV2.exe","8896","CreateFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9687426","CondorSetupV2.exe","8896","QueryBasicInformationFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS","CreationTime: 15.08.2013 17:36:44, LastAccessTime: 19.01.2018 07:10:32, LastWriteTime: 15.08.2013 17:36:44, ChangeTime: 19.01.2018 07:10:32, FileAttributes: A"
"13:32:48,9688030","CondorSetupV2.exe","8896","CloseFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS",""
"13:32:48,9688697","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide\AssemblyStorageRoots","NAME NOT FOUND","Desired Access: Enumerate Sub Keys"
"13:32:48,9689280","CondorSetupV2.exe","8896","QueryOpen","H:\Téléchargements\CondorSetupV2.exe.Local","NAME NOT FOUND",""
"13:32:48,9690246","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9691363","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Image Base: 0x76f50000, Image Size: 0xf7000"
"13:32:48,9691604","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\ole32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9691746","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\ole32.dll","SUCCESS","Name: \Windows\SysWOW64\ole32.dll"
"13:32:48,9692673","CondorSetupV2.exe","8896","CloseFile","E:\Program Files (x86)\ASUS\ASUS MultiFrame\HookTitle.dll","SUCCESS",""
"13:32:48,9693298","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\MSIMG32.dll","NAME NOT FOUND",""
"13:32:48,9694708","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9695000","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:38, FileAttributes: A"
"13:32:48,9695103","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS",""
"13:32:48,9696244","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9696700","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\msimg32.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9696938","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9697569","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","Image Base: 0x743b0000, Image Size: 0x6000"
"13:32:48,9697732","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msimg32.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9697865","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS","Name: \Windows\SysWOW64\msimg32.dll"
"13:32:48,9698339","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\msimg32.dll","SUCCESS",""
"13:32:48,9698934","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\OLEACC.dll","NAME NOT FOUND",""
"13:32:48,9701551","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9701859","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","CreationTime: 29.09.2017 14:42:23, LastAccessTime: 29.09.2017 14:42:23, LastWriteTime: 29.09.2017 14:42:23, ChangeTime: 19.01.2018 04:59:39, FileAttributes: A"
"13:32:48,9701965","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS",""
"13:32:48,9702997","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9703420","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\oleacc.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9703640","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9704334","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","Image Base: 0x72ba0000, Image Size: 0x56000"
"13:32:48,9704639","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\oleacc.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9704799","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS","Name: \Windows\SysWOW64\oleacc.dll"
"13:32:48,9705620","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\oleacc.dll","SUCCESS",""
"13:32:48,9707477","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9707830","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","CreationTime: 14.02.2018 01:31:20, LastAccessTime: 14.02.2018 01:31:20, LastWriteTime: 10.02.2018 05:46:22, ChangeTime: 14.02.2018 01:34:27, FileAttributes: A"
"13:32:48,9707942","CondorSetupV2.exe","8896","CloseFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS",""
"13:32:48,9708793","CondorSetupV2.exe","8896","CreateFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9709207","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9709424","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9709913","CondorSetupV2.exe","8896","Load Image","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","Image Base: 0x739d0000, Image Size: 0x16b000"
"13:32:48,9710197","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9710387","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS","Name: \Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll"
"13:32:48,9711096","CondorSetupV2.exe","8896","CloseFile","C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.16299.248_none_8e66fbc1026df8ab\GdiPlus.dll","SUCCESS",""
"13:32:48,9711739","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\WINMM.dll","NAME NOT FOUND",""
"13:32:48,9713490","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9713840","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","CreationTime: 29.09.2017 14:42:08, LastAccessTime: 29.09.2017 14:42:08, LastWriteTime: 29.09.2017 14:42:08, ChangeTime: 19.01.2018 04:59:44, FileAttributes: A"
"13:32:48,9713964","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
"13:32:48,9714891","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9715292","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9715507","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winmm.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9716113","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Image Base: 0x74140000, Image Size: 0x24000"
"13:32:48,9716325","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winmm.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9716464","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS","Name: \Windows\SysWOW64\winmm.dll"
"13:32:48,9717309","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmm.dll","SUCCESS",""
"13:32:48,9717961","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\WINSPOOL.DRV","NAME NOT FOUND",""
"13:32:48,9719654","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9719962","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS","CreationTime: 29.09.2017 14:42:27, LastAccessTime: 29.09.2017 14:42:27, LastWriteTime: 29.09.2017 14:42:27, ChangeTime: 18.01.2018 20:24:14, FileAttributes: A"
"13:32:48,9720071","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS",""
"13:32:48,9720956","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9721882","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winspool.drv","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9722133","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winspool.drv","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9722863","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\winspool.drv","SUCCESS","Image Base: 0x73d20000, Image Size: 0x6c000"
"13:32:48,9723150","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winspool.drv","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9723298","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS","Name: \Windows\SysWOW64\winspool.drv"
"13:32:48,9724282","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winspool.drv","SUCCESS",""
"13:32:48,9727331","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\WINMMBASE.dll","NAME NOT FOUND",""
"13:32:48,9729115","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9729348","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","CreationTime: 29.09.2017 14:42:08, LastAccessTime: 29.09.2017 14:42:08, LastWriteTime: 29.09.2017 14:42:08, ChangeTime: 19.01.2018 04:59:44, FileAttributes: A"
"13:32:48,9729456","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS",""
"13:32:48,9730474","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9730905","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winmmbase.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9731183","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9731829","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Image Base: 0x740c0000, Image Size: 0x23000"
"13:32:48,9732043","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winmmbase.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9732179","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Name: \Windows\SysWOW64\winmmbase.dll"
"13:32:48,9732873","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS",""
"13:32:48,9734902","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9735107","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","CreationTime: 29.09.2017 14:42:08, LastAccessTime: 29.09.2017 14:42:08, LastWriteTime: 29.09.2017 14:42:08, ChangeTime: 19.01.2018 04:59:44, FileAttributes: A"
"13:32:48,9735207","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS",""
"13:32:48,9736994","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9737178","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS","CreationTime: 29.09.2017 14:42:08, LastAccessTime: 29.09.2017 14:42:08, LastWriteTime: 29.09.2017 14:42:08, ChangeTime: 19.01.2018 04:59:44, FileAttributes: A"
"13:32:48,9737269","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\winmmbase.dll","SUCCESS",""
"13:32:48,9739038","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\IPHLPAPI.DLL","NAME NOT FOUND",""
"13:32:48,9740526","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9740816","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:36, FileAttributes: A"
"13:32:48,9740927","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS",""
"13:32:48,9741863","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9742265","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\IPHLPAPI.DLL","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9742476","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9743155","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","Image Base: 0x73b60000, Image Size: 0x30000"
"13:32:48,9743376","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9743511","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS","Name: \Windows\SysWOW64\IPHLPAPI.DLL"
"13:32:48,9744118","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\IPHLPAPI.DLL","SUCCESS",""
"13:32:48,9744749","CondorSetupV2.exe","8896","QueryOpen","E:\Program Files (x86)\ASUS\ASUS MultiFrame\bcrypt.dll","NAME NOT FOUND",""
"13:32:48,9746201","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9746545","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","CreationTime: 18.01.2018 21:21:10, LastAccessTime: 18.01.2018 21:21:10, LastWriteTime: 18.01.2018 21:21:10, ChangeTime: 14.02.2018 01:34:27, FileAttributes: A"
"13:32:48,9746657","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS",""
"13:32:48,9747496","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9747901","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\bcrypt.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9748103","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9748713","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","Image Base: 0x73dd0000, Image Size: 0x19000"
"13:32:48,9748951","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\bcrypt.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9749129","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS","Name: \Windows\SysWOW64\bcrypt.dll"
"13:32:48,9749709","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\bcrypt.dll","SUCCESS",""
"13:32:48,9754140","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9754554","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS","CreationTime: 29.09.2017 14:42:22, LastAccessTime: 29.09.2017 14:42:22, LastWriteTime: 29.09.2017 14:42:22, ChangeTime: 19.01.2018 04:59:39, FileAttributes: A"
"13:32:48,9754684","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS",""
"13:32:48,9755906","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9756404","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\oleaccrc.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9756510","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS","AllocationSize: 8 192, EndOfFile: 4 608, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:48,9756688","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9757005","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\oleaccrc.dll","SUCCESS",""
"13:32:48,9758445","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\f3a71a4b-6118-4257-8ccb-39a33ba059d4","NAME NOT FOUND","Length: 524"
"13:32:48,9760933","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9761156","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9761265","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9762050","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\c69cb70a-3133-4cca-ab0e-046848effcda","NAME NOT FOUND","Length: 524"
"13:32:48,9763320","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: HandleTags, HandleTags: 0x0"
"13:32:48,9763429","CondorSetupV2.exe","8896","RegQueryKey","HKLM","SUCCESS","Query: Name"
"13:32:48,9763634","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\OLE\Tracing","REPARSE","Desired Access: Read"
"13:32:48,9763800","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Ole\Tracing","NAME NOT FOUND","Desired Access: Read"
"13:32:48,9764154","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\1aff6089-e863-4d36-bdfd-3581f07440be","NAME NOT FOUND","Length: 524"
"13:32:48,9764458","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\f0558438-f56a-5987-47da-040ca75aef05","NAME NOT FOUND","Length: 524"
"13:32:48,9766309","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9766608","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS","CreationTime: 29.09.2017 14:42:14, LastAccessTime: 29.09.2017 14:42:14, LastWriteTime: 29.09.2017 14:42:14, ChangeTime: 19.01.2018 04:59:39, FileAttributes: A"
"13:32:48,9766716","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\oleaut32.dll","SUCCESS",""
"13:32:48,9773276","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9773448","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9773593","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9773669","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:48,9773783","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:48,9780672","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
"13:32:48,9780892","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,9781028","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","Desired Access: Read"
"13:32:48,9781191","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9781409","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragMinDist","NAME NOT FOUND","Length: 16"
"13:32:48,9781526","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
"13:32:48,9781701","CondorSetupV2.exe","8896","RegOpenKey","HKCU","SUCCESS","Desired Access: Read"
"13:32:48,9781822","CondorSetupV2.exe","8896","RegCloseKey","HKCU","SUCCESS",""
"13:32:48,9781922","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","Desired Access: Read"
"13:32:48,9782024","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:48,9782088","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\DragDelay","NAME NOT FOUND","Length: 16"
"13:32:48,9782172","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows","SUCCESS",""
"13:32:48,9796502","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9796859","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","CreationTime: 29.09.2017 14:42:16, LastAccessTime: 29.09.2017 14:42:16, LastWriteTime: 29.09.2017 14:42:16, ChangeTime: 19.01.2018 04:59:35, FileAttributes: A"
"13:32:48,9796985","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS",""
"13:32:48,9798181","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9798655","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\dwmapi.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:48,9798896","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9799645","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","Image Base: 0x707b0000, Image Size: 0x23000"
"13:32:48,9799865","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\dwmapi.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:48,9800016","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS","Name: \Windows\SysWOW64\dwmapi.dll"
"13:32:48,9800825","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\dwmapi.dll","SUCCESS",""
"13:32:48,9804596","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9804843","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS","CreationTime: 14.02.2018 01:31:21, LastAccessTime: 14.02.2018 01:31:21, LastWriteTime: 10.02.2018 06:22:00, ChangeTime: 14.02.2018 02:22:35, FileAttributes: A"
"13:32:48,9804949","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\KernelBase.dll","SUCCESS",""
"13:32:48,9810624","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9810856","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","CreationTime: 26.02.2018 13:32:48, LastAccessTime: 26.02.2018 13:32:48, LastWriteTime: 26.02.2018 13:32:48, ChangeTime: 26.02.2018 13:32:48, FileAttributes: A"
"13:32:48,9810959","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS",""
"13:32:48,9812456","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9812631","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","CreationTime: 26.02.2018 13:32:48, LastAccessTime: 26.02.2018 13:32:48, LastWriteTime: 26.02.2018 13:32:48, ChangeTime: 26.02.2018 13:32:48, FileAttributes: A"
"13:32:48,9812722","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS",""
"13:32:48,9813283","CondorSetupV2.exe","8896","RegQueryKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options","SUCCESS","Query: HandleTags, HandleTags: 0x400"
"13:32:48,9813395","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CondorSetupV2.tmp","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9813576","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Wow64\x86\xtajit","NAME NOT FOUND","Desired Access: Query Value"
"13:32:48,9814449","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:48,9815188","CondorSetupV2.exe","8896","WriteFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Offset: 0, Length: 720 896, I/O Flags: Non-cached, Paging I/O, Synchronous Paging I/O, Priority: Normal"
"13:32:48,9984346","CondorSetupV2.exe","8896","SetEndOfFileInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","EndOfFile: 718 848"
"13:32:48,9984612","CondorSetupV2.exe","8896","CreateFileMapping","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9984865","CondorSetupV2.exe","8896","CreateFileMapping","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE"
"13:32:48,9984992","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","AllocationSize: 720 896, EndOfFile: 718 848, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:48,9985514","CondorSetupV2.exe","8896","CreateFileMapping","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","SyncType: SyncTypeOther"
"13:32:48,9985831","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CondorSetupV2.tmp","NAME NOT FOUND","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:48,9986166","CondorSetupV2.exe","8896","QuerySecurityFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Information: Label"
"13:32:48,9986477","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Name: \Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp"
"13:32:49,1658957","CondorSetupV2.exe","8896","CreateFile","C:","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1659238","CondorSetupV2.exe","8896","CloseFile","C:","SUCCESS",""
"13:32:49,1683587","CondorSetupV2.exe","8896","CreateFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp","SUCCESS","Desired Access: Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: D, ShareMode: None, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1683783","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp","SUCCESS",""
"13:32:49,1684580","CondorSetupV2.exe","8896","CreateFile","C:","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1684834","CondorSetupV2.exe","8896","CloseFile","C:","SUCCESS",""
"13:32:49,1813764","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-1834999686-790659620-491044530-1001","SUCCESS","Desired Access: All Access"
"13:32:49,1814096","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-1834999686-790659620-491044530-1001\\Device\HarddiskVolume2\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","NAME NOT FOUND","Length: 40"
"13:32:49,1814461","CondorSetupV2.exe","8896","RegCloseKey","HKLM\System\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-1834999686-790659620-491044530-1001","SUCCESS",""
"13:32:49,1814561","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\BAM","REPARSE","Desired Access: Query Value"
"13:32:49,1814685","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\BAM","NAME NOT FOUND","Desired Access: Query Value"
"13:32:49,1814944","CondorSetupV2.exe","8896","Process Create","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","PID: 1376, Command line: ""C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp"" /SL5=""$160952,635852119,62976,H:\Téléchargements\CondorSetupV2.exe"" "
"13:32:49,1815418","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls","REPARSE","Desired Access: Query Value"
"13:32:49,1815509","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls","NAME NOT FOUND","Desired Access: Query Value"
"13:32:49,1815645","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","REPARSE","Desired Access: Query Value, Set Value"
"13:32:49,1815711","CondorSetupV2.exe","8896","RegOpenKey","HKLM\System\CurrentControlSet\Control\SafeBoot\Option","NAME NOT FOUND","Desired Access: Query Value, Set Value"
"13:32:49,1815826","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers","REPARSE","Desired Access: Query Value"
"13:32:49,1816007","CondorSetupV2.exe","8896","RegOpenKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers","SUCCESS","Desired Access: Query Value"
"13:32:49,1816125","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:49,1816179","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled","NAME NOT FOUND","Length: 80"
"13:32:49,1816233","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\AuthenticodeEnabled","SUCCESS","Type: REG_DWORD, Length: 4, Data: 0"
"13:32:49,1816318","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers","SUCCESS",""
"13:32:49,1816463","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers","NAME NOT FOUND","Desired Access: Query Value"
"13:32:49,1817160","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders","SUCCESS","Desired Access: Query Value"
"13:32:49,1817275","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:49,1817332","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache","SUCCESS","Type: REG_SZ, Length: 148, Data: C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Microsoft\Windows\INetCache"
"13:32:49,1817441","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders","SUCCESS",""
"13:32:49,1817537","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion","SUCCESS","Desired Access: Enumerate Sub Keys"
"13:32:49,1817631","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:49,1817719","CondorSetupV2.exe","8896","RegQueryKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion","SUCCESS","Query: HandleTags, HandleTags: 0x400"
"13:32:49,1817773","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS","Desired Access: Query Value"
"13:32:49,1817857","CondorSetupV2.exe","8896","RegSetInfoKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:49,1817906","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","NAME NOT FOUND","Length: 16"
"13:32:49,1817972","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS",""
"13:32:49,1818271","CondorSetupV2.exe","8896","QuerySecurityFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Information: Owner, Group, DACL, SACL, Label, Attribute, Process Trust Label, 0x100"
"13:32:49,1819113","CondorSetupV2.exe","8896","CreateFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1819497","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","CreationTime: 14.02.2018 01:31:32, LastAccessTime: 14.02.2018 01:31:32, LastWriteTime: 10.02.2018 10:42:56, ChangeTime: 14.02.2018 02:20:15, FileAttributes: A"
"13:32:49,1819584","CondorSetupV2.exe","8896","CloseFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS",""
"13:32:49,1820333","CondorSetupV2.exe","8896","CreateFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1820638","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","CreationTime: 14.02.2018 01:31:32, LastAccessTime: 14.02.2018 01:31:32, LastWriteTime: 10.02.2018 10:42:56, ChangeTime: 14.02.2018 02:20:15, FileAttributes: A"
"13:32:49,1820719","CondorSetupV2.exe","8896","CloseFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS",""
"13:32:49,1820934","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","CreationTime: 26.02.2018 13:32:48, LastAccessTime: 26.02.2018 13:32:48, LastWriteTime: 26.02.2018 13:32:48, ChangeTime: 26.02.2018 13:32:48, FileAttributes: A"
"13:32:49,1821323","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","CreationTime: 26.02.2018 13:32:48, LastAccessTime: 26.02.2018 13:32:48, LastWriteTime: 26.02.2018 13:32:48, ChangeTime: 26.02.2018 13:32:48, FileAttributes: A"
"13:32:49,1821420","CondorSetupV2.exe","8896","QuerySecurityFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Information: Owner"
"13:32:49,1821552","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","Name: \Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp"
"13:32:49,1822986","CondorSetupV2.exe","8896","CreateFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1823309","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1823400","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1823505","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\apppatch\sysmain.sdb","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ"
"13:32:49,1823602","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1823756","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\apppatch\sysmain.sdb","SUCCESS","SyncType: SyncTypeOther"
"13:32:49,1825130","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","AllocationSize: 720 896, EndOfFile: 718 848, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:49,1825377","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS","Desired Access: Read"
"13:32:49,1825564","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","NAME NOT FOUND","Length: 1 024"
"13:32:49,1825652","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS",""
"13:32:49,1825754","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS","Desired Access: Read"
"13:32:49,1825845","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","NAME NOT FOUND","Length: 1 024"
"13:32:49,1825917","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers","SUCCESS",""
"13:32:49,1825990","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\CondorSetupV2.tmp","NAME NOT FOUND","Desired Access: Read"
"13:32:49,1826397","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","AllocationSize: 720 896, EndOfFile: 718 848, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:49,1826621","CondorSetupV2.exe","8896","CreateFileMapping","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE"
"13:32:49,1826726","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","AllocationSize: 720 896, EndOfFile: 718 848, NumberOfLinks: 1, DeletePending: False, Directory: False"
"13:32:49,1827004","CondorSetupV2.exe","8896","CreateFileMapping","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","SyncType: SyncTypeOther"
"13:32:49,1830002","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1830132","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{a9f603c2-b224-4a07-b6ea-a2bcc1a51297}","NAME NOT FOUND","Length: 20"
"13:32:49,1830325","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1830412","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1830518","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{a9f603c2-b224-4a07-b6ea-a2bcc1a51297}","NAME NOT FOUND","Length: 20"
"13:32:49,1830596","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1832906","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1832999","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{35bf919e-0495-48df-8e74-456384e34e74}","NAME NOT FOUND","Length: 20"
"13:32:49,1833084","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1833165","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1833567","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{35bf919e-0495-48df-8e74-456384e34e74}","NAME NOT FOUND","Length: 20"
"13:32:49,1833694","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1834551","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1834636","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{6b39d1b2-7883-4648-94bf-bd5109b4ac48}","NAME NOT FOUND","Length: 20"
"13:32:49,1834711","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1834889","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1834977","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{6b39d1b2-7883-4648-94bf-bd5109b4ac48}","NAME NOT FOUND","Length: 20"
"13:32:49,1835049","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1838376","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1838466","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{307a29ff-ad8d-4ecc-8869-11273cdbf47d}","NAME NOT FOUND","Length: 20"
"13:32:49,1838545","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1838623","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1838711","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{307a29ff-ad8d-4ecc-8869-11273cdbf47d}","NAME NOT FOUND","Length: 20"
"13:32:49,1838786","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1841778","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1841968","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{a9f603c2-b224-4a07-b6ea-a2bcc1a51297}","NAME NOT FOUND","Length: 20"
"13:32:49,1842059","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1842134","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1842222","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{a9f603c2-b224-4a07-b6ea-a2bcc1a51297}","NAME NOT FOUND","Length: 20"
"13:32:49,1842294","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1844443","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1844525","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{35bf919e-0495-48df-8e74-456384e34e74}","NAME NOT FOUND","Length: 20"
"13:32:49,1844600","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1844775","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1844866","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{35bf919e-0495-48df-8e74-456384e34e74}","NAME NOT FOUND","Length: 20"
"13:32:49,1844938","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1845814","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1845898","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{6b39d1b2-7883-4648-94bf-bd5109b4ac48}","NAME NOT FOUND","Length: 20"
"13:32:49,1845971","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1846046","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1846128","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{6b39d1b2-7883-4648-94bf-bd5109b4ac48}","NAME NOT FOUND","Length: 20"
"13:32:49,1846197","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1849630","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1849732","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{307a29ff-ad8d-4ecc-8869-11273cdbf47d}","NAME NOT FOUND","Length: 20"
"13:32:49,1849814","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1849898","CondorSetupV2.exe","8896","RegOpenKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Read"
"13:32:49,1850016","CondorSetupV2.exe","8896","RegQueryValue","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\{307a29ff-ad8d-4ecc-8869-11273cdbf47d}","NAME NOT FOUND","Length: 20"
"13:32:49,1850091","CondorSetupV2.exe","8896","RegCloseKey","HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1850825","CondorSetupV2.exe","8896","CloseFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS",""
"13:32:49,1851519","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS","CreationTime: 26.02.2018 13:32:48, LastAccessTime: 26.02.2018 13:32:48, LastWriteTime: 26.02.2018 13:32:48, ChangeTime: 26.02.2018 13:32:48, FileAttributes: A"
"13:32:49,1851945","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\SideBySide","NAME NOT FOUND","Desired Access: Read"
"13:32:49,1961498","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1961815","CondorSetupV2.exe","8896","QueryBasicInformationFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","CreationTime: 18.01.2018 21:21:46, LastAccessTime: 18.01.2018 21:21:46, LastWriteTime: 18.01.2018 21:21:46, ChangeTime: 14.02.2018 01:34:27, FileAttributes: A"
"13:32:49,1961920","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS",""
"13:32:49,1962787","CondorSetupV2.exe","8896","CreateFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1963188","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\apphelp.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:49,1963400","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","SyncType: SyncTypeOther"
"13:32:49,1964160","CondorSetupV2.exe","8896","Load Image","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","Image Base: 0x70b20000, Image Size: 0x9a000"
"13:32:49,1964447","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\apphelp.dll","BUFFER OVERFLOW","Name: \Windo"
"13:32:49,1964610","CondorSetupV2.exe","8896","QueryNameInformationFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS","Name: \Windows\SysWOW64\apphelp.dll"
"13:32:49,1966135","CondorSetupV2.exe","8896","CloseFile","C:\Windows\SysWOW64\apphelp.dll","SUCCESS",""
"13:32:49,1966844","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\8ccca27d-f1d8-4dda-b5dd-339aee937731","NAME NOT FOUND","Length: 524"
"13:32:49,1967674","CondorSetupV2.exe","8896","RegOpenKey","HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","Desired Access: Query Value"
"13:32:49,1967891","CondorSetupV2.exe","8896","RegSetInfoKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:49,1967961","CondorSetupV2.exe","8896","RegQueryValue","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\LogFlags","NAME NOT FOUND","Length: 20"
"13:32:49,1968042","CondorSetupV2.exe","8896","RegCloseKey","HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags","SUCCESS",""
"13:32:49,1968251","CondorSetupV2.exe","8896","RegQueryValue","HKLM\System\CurrentControlSet\Control\WMI\Security\18608e62-a628-49d9-8c02-55972e097d24","NAME NOT FOUND","Length: 524"
"13:32:49,1969594","CondorSetupV2.exe","8896","CreateFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:49,1970032","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1970119","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1970213","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\apppatch\sysmain.sdb","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE"
"13:32:49,1970297","CondorSetupV2.exe","8896","QueryStandardInformationFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS","AllocationSize: 3 952 640, EndOfFile: 3 951 364, NumberOfLinks: 2, DeletePending: False, Directory: False"
"13:32:49,1970723","CondorSetupV2.exe","8896","CreateFileMapping","C:\Windows\apppatch\sysmain.sdb","SUCCESS","SyncType: SyncTypeOther"
"13:32:49,1971484","CondorSetupV2.exe","8896","CloseFile","C:\Windows\apppatch\sysmain.sdb","SUCCESS",""
"13:32:49,1972235","CondorSetupV2.exe","8896","CloseFile","C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp\is-VUNG3.tmp\CondorSetupV2.tmp","SUCCESS",""
"13:32:56,2751914","CondorSetupV2.exe","11460","Process Start","","SUCCESS","Parent PID: 1376, Command line: ""H:\Téléchargements\CondorSetupV2.exe"" /SPAWNWND=$5408DA /NOTIFYWND=$160952 , Current directory: H:\Téléchargements\, Environment: 
;	ALLUSERSPROFILE=C:\ProgramData
;	APPDATA=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Roaming
;	asl.log=Destination=file
;	CommonProgramFiles=C:\Program Files\Common Files
;	CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
;	CommonProgramW6432=C:\Program Files\Common Files
;	COMPUTERNAME=DESKTOP-T5RJH6O
;	ComSpec=C:\WINDOWS\system32\cmd.exe
;	HOMEDRIVE=C:
;	HOMEPATH=\Users\Michel.DESKTOP-T5RJH6O
;	LOCALAPPDATA=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local
;	LOGONSERVER=\\DESKTOP-T5RJH6O
;	NUMBER_OF_PROCESSORS=4
;	OneDrive=C:\Users\Michel.DESKTOP-T5RJH6O\OneDrive
;	OS=Windows_NT
;	Path=C:\Program Files (x86)\PC Connectivity Solution\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;e:\Program Files (x86)\GNU\GnuPG\pub;E:\Program Files (x86)\Skype\Phone\;E:\Program Files (x86)\AOMEI Backupper;C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Microsoft\WindowsApps
;	PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
;	PROCESSOR_ARCHITECTURE=AMD64
;	PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
;	PROCESSOR_LEVEL=6
;	PROCESSOR_REVISION=3c03
;	ProgramData=C:\ProgramData
;	ProgramFiles=C:\Program Files
;	ProgramFiles(x86)=C:\Program Files (x86)
;	ProgramW6432=C:\Program Files
;	PSModulePath=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
;	PUBLIC=C:\Users\Public
;	SystemDrive=C:
;	SystemRoot=C:\WINDOWS
;	TEMP=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp
;	TMP=C:\Users\Michel.DESKTOP-T5RJH6O\AppData\Local\Temp
;	USERDOMAIN=DESKTOP-T5RJH6O
;	USERDOMAIN_ROAMINGPROFILE=DESKTOP-T5RJH6O
;	USERNAME=Michel
;	USERPROFILE=C:\Users\Michel.DESKTOP-T5RJH6O
;	windir=C:\WINDOWS
;	_JAVA_OPTIONS=-Xmx512M"
"13:32:56,2751959","CondorSetupV2.exe","11460","Thread Create","","SUCCESS","Thread ID: 10288"
"13:32:56,3249313","CondorSetupV2.exe","11460","Load Image","H:\Téléchargements\CondorSetupV2.exe","SUCCESS","Image Base: 0x400000, Image Size: 0x16000"
"13:32:56,3249784","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\ntdll.dll","SUCCESS","Image Base: 0x7ffb71c70000, Image Size: 0x1e0000"
"13:32:56,3250116","CondorSetupV2.exe","11460","Load Image","C:\Windows\SysWOW64\ntdll.dll","SUCCESS","Image Base: 0x779b0000, Image Size: 0x18d000"
"13:32:56,3251263","CondorSetupV2.exe","11460","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap","REPARSE","Desired Access: Query Value"
"13:32:56,3251468","CondorSetupV2.exe","11460","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap","NAME NOT FOUND","Desired Access: Query Value"
"13:32:56,3251846","CondorSetupV2.exe","11460","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:56,3251930","CondorSetupV2.exe","11460","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:56,3252066","CondorSetupV2.exe","11460","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:56,3252157","CondorSetupV2.exe","11460","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:56,3254765","CondorSetupV2.exe","11460","CreateFile","C:\Windows","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:56,3255846","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\wow64.dll","SUCCESS","Image Base: 0x6c240000, Image Size: 0x51000"
"13:32:56,3256673","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\wow64win.dll","SUCCESS","Image Base: 0x6c2a0000, Image Size: 0x76000"
"13:32:56,3259272","CondorSetupV2.exe","11460","CreateFile","C:\Windows\System32\wow64log.dll","NAME NOT FOUND","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a"
"13:32:56,3260757","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS","Image Base: 0x2430000, Image Size: 0xae000"
"13:32:56,3262013","CondorSetupV2.exe","11460","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x76ac0000, Image Size: 0xd0000"
"13:32:56,3263208","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\user32.dll","SUCCESS","Image Base: 0x2430000, Image Size: 0x18f000"
"13:32:56,3264090","CondorSetupV2.exe","11460","CreateFile","C:\Windows","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"13:32:56,3264349","CondorSetupV2.exe","11460","QueryNameInformationFile","C:\Windows","SUCCESS","Name: \Windows"
"13:32:56,3264446","CondorSetupV2.exe","11460","CloseFile","C:\Windows","SUCCESS",""
"13:32:56,3264838","CondorSetupV2.exe","11460","RegOpenKey","HKLM\Software\Microsoft\Wow64\x86","SUCCESS","Desired Access: Read"
"13:32:56,3265053","CondorSetupV2.exe","11460","RegQueryValue","HKLM\SOFTWARE\Microsoft\Wow64\x86\CondorSetupV2.exe","NAME NOT FOUND","Length: 520"
"13:32:56,3265101","CondorSetupV2.exe","11460","RegQueryValue","HKLM\SOFTWARE\Microsoft\Wow64\x86\(Default)","SUCCESS","Type: REG_SZ, Length: 26, Data: wow64cpu.dll"
"13:32:56,3265176","CondorSetupV2.exe","11460","RegCloseKey","HKLM\SOFTWARE\Microsoft\Wow64\x86","SUCCESS",""
"13:32:56,3266197","CondorSetupV2.exe","11460","Load Image","C:\Windows\System32\wow64cpu.dll","SUCCESS","Image Base: 0x6c230000, Image Size: 0xa000"
"13:32:56,3268099","CondorSetupV2.exe","11460","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap","REPARSE","Desired Access: Query Value"
"13:32:56,3268204","CondorSetupV2.exe","11460","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap","NAME NOT FOUND","Desired Access: Query Value"
"13:32:56,3268533","CondorSetupV2.exe","11460","RegOpenKey","HKLM\SYSTEM\CurrentControlSet\Control\Session Manager","REPARSE","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:56,3268600","CondorSetupV2.exe","11460","RegOpenKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","Desired Access: Query Value, Enumerate Sub Keys"
"13:32:56,3268696","CondorSetupV2.exe","11460","RegSetInfoKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS","KeySetInformationClass: KeySetHandleTagsInformation, Length: 0"
"13:32:56,3268748","CondorSetupV2.exe","11460","RegQueryValue","HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies","NAME NOT FOUND","Length: 24"
"13:32:56,3268826","CondorSetupV2.exe","11460","RegCloseKey","HKLM\System\CurrentControlSet\Control\Session Manager","SUCCESS",""
"13:32:56,3270628","CondorSetupV2.exe","11460","CreateFile","H:\Téléchargements","SUCCESS","Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
"13:32:56,3271519","CondorSetupV2.exe","11460","Load Image","C:\Windows\SysWOW64\kernel32.dll","SUCCESS","Image Base: 0x76ac0000, Image Size: 0xd0000"


