"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:49:50.7079536","LFS.exe","1976","FASTIO_NETWORK_QUERY_OPEN","C:\LFS\LFSORDLL.dll","FAST IO DISALLOWED",""
"10:49:50.7080414","LFS.exe","1976","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7081511","LFS.exe","1976","FASTIO_QUERY_INFORMATION","C:\LFS\LFSORDLL.dll","SUCCESS","Type: QueryBasicInformationFile, CreationTime: 08/11/2013 17:36:54, LastAccessTime: 13/08/2014 10:47:29, LastWriteTime: 10/08/2014 15:14:13, ChangeTime: 13/08/2014 10:47:29, FileAttributes: ANCI"
"10:49:50.7081733","LFS.exe","1976","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7081980","LFS.exe","1976","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7083013","LFS.exe","1976","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7083367","LFS.exe","1976","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
"10:49:50.7083623","LFS.exe","1976","FASTIO_ACQUIRE_FOR_CC_FLUSH","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7086447","LFS.exe","1976","FASTIO_RELEASE_FOR_CC_FLUSH","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7086618","LFS.exe","1976","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7087117","LFS.exe","1976","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS","SyncType: SyncTypeOther"
"10:49:50.7087347","LFS.exe","1976","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7087813","LFS.exe","1976","Load Image","C:\LFS\LFSORDLL.dll","SUCCESS","Image Base: 0x662a0000, Image Size: 0x856000"
"10:49:50.7088150","LFS.exe","1976","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7088389","LFS.exe","1976","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7090193","LFS.exe","1976","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7090505","LFS.exe","1976","FASTIO_QUERY_INFORMATION","C:\LFS\LFSORDLL.dll","SUCCESS","Type: QueryBasicInformationFile, CreationTime: 08/11/2013 17:36:54, LastAccessTime: 13/08/2014 10:47:29, LastWriteTime: 10/08/2014 15:14:13, ChangeTime: 13/08/2014 10:47:29, FileAttributes: ANCI"
"10:49:50.7091661","LFS.exe","1976","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7091874","LFS.exe","1976","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7613105","Procmon64.exe","3448","FASTIO_NETWORK_QUERY_OPEN","C:\LFS\LFSORDLL.dll","FAST IO DISALLOWED",""
"10:49:50.7613988","Procmon64.exe","3448","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7614346","Procmon64.exe","3448","FASTIO_QUERY_INFORMATION","C:\LFS\LFSORDLL.dll","SUCCESS","Type: QueryBasicInformationFile, CreationTime: 08/11/2013 17:36:54, LastAccessTime: 13/08/2014 10:47:29, LastWriteTime: 10/08/2014 15:14:13, ChangeTime: 13/08/2014 10:47:29, FileAttributes: ANCI"
"10:49:50.7614572","Procmon64.exe","3448","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7614837","Procmon64.exe","3448","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7615840","Procmon64.exe","3448","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7616198","Procmon64.exe","3448","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
"10:49:50.7616424","Procmon64.exe","3448","FASTIO_ACQUIRE_FOR_CC_FLUSH","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7618933","Procmon64.exe","3448","FASTIO_RELEASE_FOR_CC_FLUSH","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7619116","Procmon64.exe","3448","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7619517","Procmon64.exe","3448","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS","SyncType: SyncTypeOther"
"10:49:50.7619692","Procmon64.exe","3448","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7620025","Procmon64.exe","3448","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7620264","Procmon64.exe","3448","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7621770","Procmon64.exe","3448","IRP_MJ_CREATE","C:\LFS\LFSORDLL.dll","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
"10:49:50.7622154","Procmon64.exe","3448","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
"10:49:50.7622342","Procmon64.exe","3448","FASTIO_QUERY_INFORMATION","C:\LFS\LFSORDLL.dll","SUCCESS","Type: QueryStandardInformationFile, AllocationSize: 8,724,480, EndOfFile: 8,720,896, NumberOfLinks: 1, DeletePending: False, Directory: False"
"10:49:50.7622542","Procmon64.exe","3448","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7622730","Procmon64.exe","3448","FASTIO_ACQUIRE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS","SyncType: SyncTypeOther"
"10:49:50.7622909","Procmon64.exe","3448","FASTIO_RELEASE_FOR_SECTION_SYNCHRONIZATION","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7623327","Procmon64.exe","3448","IRP_MJ_CLEANUP","C:\LFS\LFSORDLL.dll","SUCCESS",""
"10:49:50.7623566","Procmon64.exe","3448","IRP_MJ_CLOSE","C:\LFS\LFSORDLL.dll","SUCCESS",""