890	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
891	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 00100020	
892	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
893	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
894	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
895	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: Read	
896	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
897	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
898	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
899	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 00100020	
900	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
901	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
902	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
903	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: Read	
904	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
905	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
906	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
908	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
909	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
910	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe:Zone.Identifier	NOT FOUND	Attributes: Error	
911	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
912	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 001000A1	
913	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
914	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
915	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe.Manifest	NOT FOUND	Options: Open  Access: 001200A9	
916	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
917	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b	SUCCESS	Options: Open Directory  Access: 00100020	
918	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\orgplay.exe.Local	NOT FOUND	Attributes: Error	
919	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\CNCS32.dll	SUCCESS	Attributes: A	
920	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\CNCS32.dll	SUCCESS	Options: Open  Access: 00100021	
921	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\CNCS32.dll	SUCCESS		
922	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 161792 Length: 3072	
923	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 155648 Length: 6144	
924	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\orgplay.exe.Local\	NOT FOUND	Attributes: Error	
925	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_D21E1F39	SUCCESS	Attributes: D	
926	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_D21E1F39	SUCCESS	Options: Open Directory  Access: 00100020	
927	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_D21E1F39\COMCTL32.dll	SUCCESS	Options: Open  Access: 00100021	
928	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_5.82.3790.5190_x-ww_D21E1F39\COMCTL32.dll	SUCCESS		
929	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\WINMM.dll	NOT FOUND	Attributes: Error	
930	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\WINMM.dll	SUCCESS	Attributes: A	
931	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\WINMM.dll	SUCCESS	Options: Open  Access: 00100021	
932	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\WINMM.dll	SUCCESS		
933	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 135168 Length: 7680	
934	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 00100001	
935	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 341274 Length: 4	
936	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 341266 Length: 8	
937	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 0 Length: 4	
938	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
939	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: A	
940	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Options: Open  Access: 00100020	
941	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Length: 110592	
942	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
943	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: A	
944	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Options: Open  Access: 00100020	
945	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Length: 110592	
946	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
947	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: A	
948	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Options: Open  Access: 00100021	
949	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\IMM32.DLL	SUCCESS		
950	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: A	
951	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\IMM32.DLL	SUCCESS	Attributes: A	
952	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 262144 Length: 4096	
953	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 103424 Length: 29696	
954	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 142848 Length: 12800	
955	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 9216 Length: 32768	
956	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 58368 Length: 32768	
957	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 41984 Length: 16384	
958	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\CNCS32.dll	SUCCESS	Attributes: A	
959	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 1024 Length: 8192	
960	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS	Options: Open Directory  Access: 00100020	
961	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b	SUCCESS		
962	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS	Options: Open Directory  Access: 00100001	
963	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	NO SUCH FILE	FileBothDirectoryInformation: gfc*.GOX	
964	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 20480 Length: 4096	
965	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 45056 Length: 4096	
966	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS		
967	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b	SUCCESS	Options: Open Directory  Access: 00100020	
968	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS		
969	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS	Options: Open Directory  Access: 00100020	
970	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b	SUCCESS		
971	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS	Options: Open Directory  Access: 00100001	
972	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	NO SUCH FILE	FileBothDirectoryInformation: gfc*.mid	
973	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS		
974	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b	SUCCESS	Options: Open Directory  Access: 00100020	
975	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\	SUCCESS		
976	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: Read	
977	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 180224 Length: 6	
978	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 180230 Length: 260	
979	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp	SUCCESS	Attributes: D	
980	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	NOT FOUND	Options: Open  Access: Read	
981	3:38:15 PM	orgplay.exe:136	CREATE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Options: OverwriteIf  Access: 0012019F	
982	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 36864 Length: 4096	
983	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 180490 Length: 32768	
984	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 0 Length: 32768	
985	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 213258 Length: 13824	
986	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 32768 Length: 13824	
987	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS		
988	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 227082 Length: 6	
989	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 227088 Length: 260	
990	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp	SUCCESS	Attributes: D	
991	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	NOT FOUND	Options: Open  Access: Read	
992	3:38:15 PM	orgplay.exe:136	CREATE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Options: OverwriteIf  Access: 0012019F	
993	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 227348 Length: 32768	
994	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 0 Length: 32768	
995	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 260116 Length: 16384	
996	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 32768 Length: 16384	
997	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS		
998	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 276500 Length: 6	
999	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 276506 Length: 260	
1000	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp	SUCCESS	Attributes: D	
1001	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	NOT FOUND	Options: Open  Access: Read	
1002	3:38:15 PM	orgplay.exe:136	CREATE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Options: OverwriteIf  Access: 0012019F	
1003	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 276766 Length: 32768	
1004	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 0 Length: 32768	
1005	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 309534 Length: 31744	
1006	3:38:15 PM	orgplay.exe:136	WRITE 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 32768 Length: 31744	
1007	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS		
1008	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
1009	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1010	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 0 Length: 358	
1011	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1012	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\WINMM.dll	SUCCESS	Attributes: A	
1013	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\cnc.ini	NOT FOUND	Options: Open  Access: Read	
1014	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\DSOUND.DLL	NOT FOUND	Attributes: Error	
1015	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\DSOUND.DLL	SUCCESS	Attributes: A	
1016	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\DSOUND.DLL	SUCCESS	Options: Open  Access: 00100021	
1017	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\DSOUND.DLL	SUCCESS		
1018	3:38:15 PM	orgplay.exe:136	SET INFORMATION 	C:\WINDOWS\system32\config\software.LOG	SUCCESS	Length: 32768	
1019	3:38:15 PM	orgplay.exe:136	SET INFORMATION 	C:\WINDOWS\system32\config\software.LOG	SUCCESS	Length: 36864	
1020	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\DSOUND.DLL	SUCCESS	Attributes: A	
1021	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: Read	
1022	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 0 Length: 64	
1023	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 128 Length: 248	
1024	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
1025	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
1026	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1027	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1028	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1029	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1030	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1031	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1032	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1033	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1034	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1035	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1036	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1037	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1038	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1039	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1040	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100021	
1041	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1042	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1043	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1044	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1045	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1046	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1047	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\WINTRUST.dll	NOT FOUND	Attributes: Error	
1048	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\WINTRUST.dll	SUCCESS	Attributes: A	
1049	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\WINTRUST.dll	SUCCESS	Options: Open  Access: 00100021	
1050	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\WINTRUST.dll	SUCCESS		
1051	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\CRYPT32.dll	NOT FOUND	Attributes: Error	
1052	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\CRYPT32.dll	SUCCESS	Attributes: A	
1053	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\CRYPT32.dll	SUCCESS	Options: Open  Access: 00100021	
1054	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\CRYPT32.dll	SUCCESS		
1055	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\MSASN1.dll	NOT FOUND	Attributes: Error	
1056	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\MSASN1.dll	SUCCESS	Attributes: A	
1057	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\MSASN1.dll	SUCCESS	Options: Open  Access: 00100021	
1058	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\MSASN1.dll	SUCCESS		
1059	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1060	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1061	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1062	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 91136 Length: 12288	
1063	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1064	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1065	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1066	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1067	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1068	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1069	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1070	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1071	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1072	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1073	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1074	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1075	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1076	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1077	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1078	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1079	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100021	
1080	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1081	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1082	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1083	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1084	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1085	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1086	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1087	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1088	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1089	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1090	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1091	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1092	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1093	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1094	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1095	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1096	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1097	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1098	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1099	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1100	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1101	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1102	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1103	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1104	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1105	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1106	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1107	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1108	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1109	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1110	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1111	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1112	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1113	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 270336 Length: 4096	
1114	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1115	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1116	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1117	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1118	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1119	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1120	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\wdmaud.drv	NOT FOUND	Options: Open  Access: 00100080	
1121	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1122	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\wdmaud.drv	NOT FOUND	Attributes: Error	
1123	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1124	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Options: Open  Access: 00100080	
1125	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\wdmaud.drv	SUCCESS		
1126	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1127	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\wdmaud.drv	SUCCESS	Attributes: A	
1128	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 237568 Length: 4096	
1129	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 241664 Length: 4096	
1130	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 245760 Length: 4096	
1131	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 249856 Length: 4096	
1132	3:38:15 PM	orgplay.exe:136	READ 	C:\WINDOWS\system32\config\system	SUCCESS	Offset: 266240 Length: 4096	
1133	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\msacm32.drv	NOT FOUND	Attributes: Error	
1134	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1135	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Options: Open  Access: 00100021	
1136	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msacm32.drv	SUCCESS		
1137	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\MSACM32.dll	NOT FOUND	Attributes: Error	
1138	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\MSACM32.dll	SUCCESS	Attributes: A	
1139	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\MSACM32.dll	SUCCESS	Options: Open  Access: 00100021	
1140	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\MSACM32.dll	SUCCESS		
1141	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1142	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1143	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1144	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1145	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1146	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msacm32.drv	SUCCESS	Attributes: A	
1147	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\midimap.dll	NOT FOUND	Attributes: Error	
1148	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\midimap.dll	SUCCESS	Attributes: A	
1149	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\midimap.dll	SUCCESS	Options: Open  Access: 00100021	
1150	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\midimap.dll	SUCCESS		
1151	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\midimap.dll	SUCCESS	Attributes: A	
1152	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1153	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1154	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1155	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1156	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1157	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1158	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1159	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1160	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1161	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1162	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1163	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1164	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1165	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1166	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1167	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1168	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1169	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1170	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1171	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1172	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1173	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: 00100020	
1174	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1175	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1176	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1177	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: Read	
1178	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1179	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1180	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1181	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: 00100020	
1182	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1183	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1184	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1185	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: Read	
1186	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1187	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1188	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\KsUser.dll	NOT FOUND	Attributes: Error	
1189	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\KsUser.dll	SUCCESS	Attributes: A	
1190	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\KsUser.dll	SUCCESS	Options: Open  Access: 00100021	
1191	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\KsUser.dll	SUCCESS		
1192	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\GFACT.INI	NOT FOUND	Options: Open  Access: Read	
1193	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\GFACT.INI	NOT FOUND	Options: Open  Access: Read	
1194	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\CNCS32.dll	SUCCESS	Attributes: A	
1195	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Attributes: A	
1196	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Options: Open  Access: 00100020	
1197	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Length: 317952	
1198	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
1199	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Attributes: A	
1200	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\MSCTF.dll	SUCCESS	Options: Open  Access: 00100021	
1201	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\MSCTF.dll	SUCCESS		
1202	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\ntdll.dll	SUCCESS	Attributes: A	
1203	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\imm32.dll	SUCCESS	Attributes: A	
1204	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\KERNEL32.dll	SUCCESS	Attributes: A	
1205	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1206	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: 00100020	
1207	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Length: 177152	
1208	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1209	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1210	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: Read	
1211	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Length: 177152	
1212	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1213	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1214	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: 00100020	
1215	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Length: 177152	
1216	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1217	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1218	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: Read	
1219	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Length: 177152	
1220	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1221	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\apphelp.dll	NOT FOUND	Attributes: Error	
1222	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\apphelp.dll	SUCCESS	Attributes: A	
1223	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\apphelp.dll	SUCCESS	Options: Open  Access: 00100021	
1224	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\apphelp.dll	SUCCESS		
1225	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Options: Open  Access: Read	
1226	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1227	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1228	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1229	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\AppPatch\systest.sdb	NOT FOUND	Options: Open  Access: Read	
1230	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\	SUCCESS	Options: Open Directory  Access: 00100001	
1231	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\system32\	SUCCESS	FileBothDirectoryInformation: msctfime.ime	
1232	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\	SUCCESS		
1233	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1234	3:38:15 PM	orgplay.exe:136	OPEN	C:\	SUCCESS	Options: Open Directory  Access: 00100001	
1235	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\	SUCCESS	FileBothDirectoryInformation: WINDOWS	
1236	3:38:15 PM	orgplay.exe:136	CLOSE	C:\	SUCCESS		
1237	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\	SUCCESS	Options: Open Directory  Access: 00100001	
1238	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: system32	
1239	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\	SUCCESS		
1240	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\	SUCCESS	Options: Open Directory  Access: 00100001	
1241	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\system32\	SUCCESS	FileBothDirectoryInformation: msctfime.ime	
1242	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\	SUCCESS		
1243	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
1244	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1245	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: 00100020	
1246	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Length: 177152	
1247	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1248	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1249	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Options: Open  Access: 00100021	
1250	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\msctfime.ime	SUCCESS		
1251	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\ole32.dll	SUCCESS	Attributes: A	
1252	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\ntdll.dll	SUCCESS	Attributes: A	
1253	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Options: Open  Access: Read	
1254	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1255	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1256	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS	Length: 1364226	
1257	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\AppPatch\systest.sdb	NOT FOUND	Options: Open  Access: Read	
1258	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\	SUCCESS	Options: Open Directory  Access: 00100001	
1259	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\system32\	SUCCESS	FileBothDirectoryInformation: msctfime.ime	
1260	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\	SUCCESS		
1261	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1262	3:38:15 PM	orgplay.exe:136	OPEN	C:\	SUCCESS	Options: Open Directory  Access: 00100001	
1263	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\	SUCCESS	FileBothDirectoryInformation: WINDOWS	
1264	3:38:15 PM	orgplay.exe:136	CLOSE	C:\	SUCCESS		
1265	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\	SUCCESS	Options: Open Directory  Access: 00100001	
1266	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\	SUCCESS	FileBothDirectoryInformation: system32	
1267	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\	SUCCESS		
1268	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\	SUCCESS	Options: Open Directory  Access: 00100001	
1269	3:38:15 PM	orgplay.exe:136	DIRECTORY	C:\WINDOWS\system32\	SUCCESS	FileBothDirectoryInformation: msctfime.ime	
1270	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\	SUCCESS		
1271	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\AppPatch\sysmain.sdb	SUCCESS		
1272	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\msctfime.ime	SUCCESS	Attributes: A	
1273	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Attributes: A	
1274	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Options: Open  Access: 00100020	
1275	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Length: 162816	
1276	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\Msimtf.dll	SUCCESS		
1277	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Attributes: A	
1278	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Options: Open  Access: 00100020	
1279	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\Msimtf.dll	SUCCESS	Length: 162816	
1280	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\Msimtf.dll	SUCCESS		
1281	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Attributes: A	
1282	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Options: Open  Access: 00100020	
1283	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Length: 46592	
1284	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS		
1285	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Attributes: A	
1286	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Options: Open  Access: 00100021	
1287	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Length: 46592	
1288	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS		
1289	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 44544 Length: 2048	
1290	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 1024 Length: 20480	
1291	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 24064 Length: 11264	
1292	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 37376 Length: 7168	
1293	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 35328 Length: 2048	
1294	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF17.GOX	SUCCESS	Offset: 21504 Length: 2560	
1295	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Attributes: A	
1296	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Options: Open  Access: 00100020	
1297	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Length: 49152	
1298	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS		
1299	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Attributes: A	
1300	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Options: Open  Access: 00100021	
1301	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Length: 49152	
1302	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS		
1303	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 45056 Length: 4096	
1304	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 4096 Length: 16384	
1305	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 20480 Length: 8192	
1306	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 28672 Length: 4096	
1307	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF18.GOX	SUCCESS	Offset: 32768 Length: 8192	
1308	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\SHELL32.dll	SUCCESS	Options: Open  Access: 001200A9	
1309	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\SHELL32.dll	SUCCESS	Length: 8363008	
1310	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\SHELL32.dll.124.Config	NOT FOUND	Options: Open  Access: 001200A9	
1311	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\SHELL32.dll	SUCCESS		
1312	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\orgplay.exe.Local\	NOT FOUND	Attributes: Error	
1313	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE	SUCCESS	Attributes: D	
1314	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE	SUCCESS	Options: Open Directory  Access: 00100020	
1315	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE\comctl32.dll	SUCCESS	Options: Open  Access: 00100020	
1316	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE\comctl32.dll	SUCCESS	Length: 1052160	
1317	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE\comctl32.dll	SUCCESS		
1318	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE\comctl32.dll	SUCCESS	Options: Open  Access: 00100021	
1319	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.3790.5190_x-ww_319264BE\comctl32.dll	SUCCESS		
1320	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Attributes: RHA	
1321	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Options: Open  Access: 00100020	
1322	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Length: 749	
1323	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
1324	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Attributes: RHA	
1325	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Options: Open  Access: Read	
1326	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Length: 749	
1327	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
1328	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Options: Open  Access: 001200A9	
1329	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Length: 749	
1330	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\WindowsShell.Manifest	SUCCESS	Length: 749	
1331	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\WindowsShell.Config	NOT FOUND	Options: Open  Access: 001200A9	
1332	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\WindowsShell.Manifest	SUCCESS		
1333	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Attributes: A	
1334	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Options: Open  Access: 00100020	
1335	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Length: 64512	
1336	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS		
1337	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Attributes: A	
1338	3:38:15 PM	orgplay.exe:136	OPEN	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Options: Open  Access: 00100021	
1339	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Length: 64512	
1340	3:38:15 PM	orgplay.exe:136	CLOSE	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS		
1341	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 60928 Length: 3584	
1342	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 1024 Length: 31232	
1343	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 36352 Length: 14336	
1344	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 53248 Length: 7680	
1345	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 50688 Length: 2560	
1346	3:38:15 PM	orgplay.exe:136	READ 	C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\gfcFF19.GOX	SUCCESS	Offset: 32256 Length: 4096	
1347	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1348	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 0 Length: 358	
1349	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1350	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b	SUCCESS	Options: Open Directory  Access: 00100020	
1351	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b	SUCCESS		
1352	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b	SUCCESS	Options: Open Directory  Access: 00100020	
1353	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b	SUCCESS		
1354	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1355	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 0 Length: 358	
1356	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1357	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1358	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 0 Length: 358	
1359	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 358 Length: 4	
1360	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1361	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1362	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 358 Length: 4	
1363	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 362 Length: 6	
1364	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 368 Length: 2	
1365	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 370 Length: 6	
1366	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 1208 Length: 6	
1367	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 14566 Length: 6	
1368	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 14572 Length: 6	
1369	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 14578 Length: 2	
1370	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 14580 Length: 828	
1371	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 15408 Length: 6	
1372	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16442 Length: 6	
1373	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16448 Length: 6	
1374	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16454 Length: 6	
1375	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16460 Length: 184	
1376	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29583 Length: 6	
1377	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1378	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29589 Length: 4	
1379	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29593 Length: 112	
1380	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1381	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
1382	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
1383	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
1384	3:38:15 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 00100020	
1385	3:38:15 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
1386	3:38:15 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
1387	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16460 Length: 184	
1388	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1389	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1390	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29589 Length: 4	
1391	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29593 Length: 112	
1392	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.cca	SUCCESS	Options: Open  Access: Read	
1393	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 358 Length: 4	
1394	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16460 Length: 184	
1395	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16644 Length: 6	
1396	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16644 Length: 6	
1397	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 17678 Length: 6	
1398	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21820 Length: 6	
1399	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21826 Length: 4	
1400	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21830 Length: 68	
1401	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21898 Length: 6	
1402	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21904 Length: 58	
1403	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21962 Length: 6	
1404	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 21968 Length: 24	
1405	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 22589 Length: 68	
1406	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 22657 Length: 6	
1407	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 22663 Length: 274	
1408	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 22937 Length: 6	
1409	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 22943 Length: 24	
1410	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23140 Length: 68	
1411	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23208 Length: 6	
1412	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23214 Length: 274	
1413	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23488 Length: 6	
1414	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23494 Length: 24	
1415	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23661 Length: 68	
1416	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23729 Length: 6	
1417	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 23735 Length: 274	
1418	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24009 Length: 6	
1419	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24015 Length: 24	
1420	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24178 Length: 68	
1421	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24246 Length: 6	
1422	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24252 Length: 58	
1423	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24310 Length: 6	
1424	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24316 Length: 24	
1425	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24599 Length: 68	
1426	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24667 Length: 6	
1427	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24673 Length: 76	
1428	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24749 Length: 6	
1429	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24755 Length: 24	
1430	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 24950 Length: 68	
1431	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25018 Length: 6	
1432	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25024 Length: 68	
1433	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25092 Length: 6	
1434	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25098 Length: 24	
1435	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25316 Length: 68	
1436	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25384 Length: 6	
1437	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25390 Length: 70	
1438	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25460 Length: 6	
1439	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25466 Length: 24	
1440	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25686 Length: 68	
1441	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25754 Length: 6	
1442	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25760 Length: 70	
1443	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25830 Length: 6	
1444	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 25836 Length: 24	
1445	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 26056 Length: 68	
1446	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 26124 Length: 6	
1447	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 26130 Length: 1084	
1448	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27214 Length: 6	
1449	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27220 Length: 24	
1450	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 16650 Length: 1028	
1451	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29705 Length: 24	
1452	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29729 Length: 640	
1453	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 30369 Length: 24	
1454	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 30393 Length: 592	
1455	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 30985 Length: 24	
1456	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 31009 Length: 588	
1457	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 31597 Length: 24	
1458	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 31621 Length: 243	
1459	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 31864 Length: 24	
1460	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 31888 Length: 225	
1461	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32113 Length: 24	
1462	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32137 Length: 227	
1463	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32364 Length: 24	
1464	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32388 Length: 231	
1465	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32619 Length: 24	
1466	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32643 Length: 229	
1467	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32872 Length: 24	
1468	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 32896 Length: 229	
1469	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33125 Length: 24	
1470	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33149 Length: 237	
1471	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33386 Length: 24	
1472	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33410 Length: 221	
1473	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33631 Length: 24	
1474	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33655 Length: 237	
1475	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33892 Length: 24	
1476	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 33916 Length: 237	
1477	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 34153 Length: 24	
1478	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 34177 Length: 193	
1479	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27449 Length: 6	
1480	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27455 Length: 2	
1481	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27457 Length: 40	
1482	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27497 Length: 320	
1483	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27449 Length: 6	
1484	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27817 Length: 6	
1485	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27823 Length: 4	
1486	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27827 Length: 2	
1487	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27829 Length: 4	
1488	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 27833 Length: 1566	
1489	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29399 Length: 2	
1490	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29401 Length: 30	
1491	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29431 Length: 2	
1492	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29523 Length: 2	
1493	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29525 Length: 2	
1494	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29527 Length: 2	
1495	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.cca	SUCCESS	Offset: 29529 Length: 2	
1496	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.cca	SUCCESS		
1497	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\org001.dll	SUCCESS	Attributes: A	
1498	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\org001.dll	SUCCESS	Options: Open  Access: 00100020	
1499	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\org001.dll	SUCCESS	Length: 122880	
1500	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\org001.dll	SUCCESS		
1501	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\org001.dll	SUCCESS	Attributes: A	
1502	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\org001.dll	SUCCESS	Options: Open  Access: 00100021	
1503	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\org001.dll	SUCCESS		
1504	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 118784 Length: 4096	
1505	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 4096 Length: 24576	
1506	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 28672 Length: 4096	
1507	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 32768 Length: 4096	
1508	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 36864 Length: 16384	
1509	3:38:15 PM	orgplay.exe:136	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: Read	
1510	3:38:15 PM	orgplay.exe:136	READ 	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 0 Length: 64	
1511	3:38:15 PM	orgplay.exe:136	READ	C:\orgplay02b\orgplay.exe	SUCCESS	Offset: 128 Length: 248	
1512	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
1513	3:38:15 PM	orgplay.exe:136	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
1514	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\orgplay02b\setupapi.dll	NOT FOUND	Attributes: Error	
1515	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Attributes: A	
1516	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\system32\setupapi.dll	SUCCESS	Options: Open  Access: 00100021	
1517	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\system32\setupapi.dll	SUCCESS		
1518	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\	SUCCESS	Attributes: D	
1519	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1520	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: 00100020	
1521	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1522	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1523	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1524	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: Read	
1525	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1526	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1527	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1528	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: 00100020	
1529	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1530	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1531	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Attributes: A	
1532	3:38:15 PM	orgplay.exe:136	OPEN	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Options: Open  Access: Read	
1533	3:38:15 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS	Length: 125152	
1534	3:38:15 PM	orgplay.exe:136	CLOSE	C:\WINDOWS\System32\Drivers\AC97.sys	SUCCESS		
1535	3:38:15 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 53248 Length: 16384	
1536	3:38:16 PM	wmiprvse.exe:1964	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	BUFFER OVERFLOW	FileNameInformation	
1537	3:38:16 PM	wmiprvse.exe:1964	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	FileNameInformation	
1538	3:38:16 PM	orgplay.exe:136	READ 	C:	SUCCESS	Offset: 102400 Length: 16384	
1539	3:38:16 PM	orgplay.exe:136	QUERY INFORMATION	C:\WINDOWS\system32\ntdll.dll	SUCCESS	Attributes: A	
1540	3:38:16 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Attributes: A	
1541	3:38:16 PM	explorer.exe:1776	OPEN	C:\orgplay02b\orgplay.exe	SUCCESS	Options: Open  Access: 00100020	
1542	3:38:16 PM	explorer.exe:1776	QUERY INFORMATION	C:\orgplay02b\orgplay.exe	SUCCESS	Length: 341278	
1543	3:38:16 PM	explorer.exe:1776	CLOSE	C:\orgplay02b\orgplay.exe	SUCCESS		
1544	3:38:52 PM	svchost.exe:884	QUERY INFORMATION	C:\ORGPLAY02B\ORGPLAY.EXE	SUCCESS	Attributes: A	
1545	3:38:52 PM	svchost.exe:884	OPEN	C:\ORGPLAY02B\ORGPLAY.EXE	SUCCESS	Options: Open  Access: 00020088	
1546	3:38:52 PM	svchost.exe:884	QUERY INFORMATION	C:\ORGPLAY02B\ORGPLAY.EXE	SUCCESS	FileInternalInformation	
1547	3:38:52 PM	svchost.exe:884	CLOSE	C:\ORGPLAY02B\ORGPLAY.EXE	SUCCESS