18:06:33    cmd.exe:3564    IRP_MJ_READ*    E:    SUCCESS    Offset: 7
+7824 Length: 4096    
18:06:33    cmd.exe:3564    IRP_MJ_READ*    E:    SUCCESS    Offset: 0
+ Length: 4096    
18:06:33    cmd.exe:3564    IRP_MJ_READ*    E:    SUCCESS    Offset: 0
+ Length: 4096    
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\test.txt    SUCCES
+S    Attributes: A    
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\    SUCCESS    Option
+s: Open Directory  Access: All    
18:06:33    cmd.exe:3564    IRP_MJ_DIRECTORY_CONTROL    E:\    SUCCESS
+    FileBothDirectoryInformation: test.txt    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\test.txt    SUCCESS  
+  Options: Open  Access: All    
18:06:33    System:3564    IRP_MJ_CLEANUP    E:    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_READ*    E:    SUCCESS    Offset: 0
+ Length: 4096    
18:06:33    cmd.exe:3564    FASTIO_QUERY_STANDARD_INFO    E:\test.txt 
+   SUCCESS    Length: 512    
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\    SUCCESS    Option
+s: Open Directory  Access: All    
18:06:33    cmd.exe:3564    IRP_MJ_DIRECTORY_CONTROL    E:\    SUCCESS
+    FileBothDirectoryInformation: test.txt    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\test.txt    SUCCES
+S    Attributes: A    
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\    SUCCESS    Option
+s: Open Directory  Access: All    
18:06:33    cmd.exe:3564    IRP_MJ_DIRECTORY_CONTROL    E:\    SUCCESS
+    FileBothDirectoryInformation: test.txt    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\test.txt    SUCCES
+S    Attributes: A    
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\    SUCCESS    Option
+s: Open Directory  Access: All    
18:06:33    cmd.exe:3564    IRP_MJ_DIRECTORY_CONTROL    E:\    SUCCESS
+    FileBothDirectoryInformation: test.txt    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    cmd.exe:3564    FASTIO_QUERY_BASIC_INFO    E:\test.txt    
+SUCCESS    Attributes: A    
18:06:33    cmd.exe:3564    FASTIO_QUERY_STANDARD_INFO    E:\test.txt 
+   SUCCESS    Length: 512    
18:06:33    cmd.exe:3564    IRP_MJ_QUERY_INFORMATION    E:\test.txt   
+ SUCCESS    FileNameInformation    
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\test.txt    SUCCES
+S    Attributes: A    
18:06:33    cmd.exe:3564    IRP_MJ_CREATE     E:\    SUCCESS    Option
+s: Open Directory  Access: All    
18:06:33    cmd.exe:3564    IRP_MJ_DIRECTORY_CONTROL    E:\    SUCCESS
+    FileBothDirectoryInformation: test.txt    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    cmd.exe:3564    FASTIO_QUERY_STANDARD_INFO    E:\test.txt 
+   SUCCESS    Length: 512    
18:06:33    cmd.exe:3564    FASTIO_QUERY_STANDARD_INFO    E:\test.txt 
+   SUCCESS    Length: 512    
18:06:33    cmd.exe:3564    IRP_MJ_CLEANUP    E:\test.txt    SUCCESS  
+      
18:06:33    cmd.exe:3564    IRP_MJ_CLOSE     E:\test.txt    SUCCESS   
+     
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\    SUCCESS    Att
+ributes: DHSA    
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\test.txt    SUCCES
+S    Attributes: A    
18:06:33    cmd.exe:3564    FASTIO_QUERY_OPEN    E:\    SUCCESS    Att
+ributes: DHSA    
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:    SUCCESS    Opt
+ions: Open  Access: All    
18:06:33    notepad.exe:4008    IRP_MJ_QUERY_VOLUME_INFORMATION    E: 
+   BUFFER OVERFLOW    FileFsVolumeInformation    
18:06:33    notepad.exe:4008    IOCTL: 0x90120    E:    SUCCESS       
+ 
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:\    SUCCESS    Op
+tions: Open Directory  Access: All    
18:06:33    notepad.exe:4008    IRP_MJ_DIRECTORY_CONTROL    E:\    SUC
+CESS    FileNamesInformation    
18:06:33    notepad.exe:4008    IRP_MJ_DIRECTORY_CONTROL    E:\    NO 
+MORE FILES    FileNamesInformation    
18:06:33    System:4008    IRP_MJ_CLEANUP    E:\    SUCCESS        
18:06:33    System:4008    IRP_MJ_CLOSE     E:\    SUCCESS        
18:06:33    System:4008    IRP_MJ_CLEANUP    E:    SUCCESS        
18:06:33    System:4008    IRP_MJ_CLOSE     E:    SUCCESS        
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:\    SUCCESS    Op
+tions: Open Directory  Access: Traverse    
18:06:33    notepad.exe:4008    FSCTL_IS_VOLUME_MOUNTED    E:\    SUCC
+ESS        
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:\    SUCCESS    Op
+tions: Open Directory  Access: All    
18:06:33    notepad.exe:4008    IRP_MJ_DIRECTORY_CONTROL    E:\    SUC
+CESS    FileBothDirectoryInformation: test.txt    
18:06:33    notepad.exe:4008    IRP_MJ_CLEANUP    E:\    SUCCESS      
+  
18:06:33    notepad.exe:4008    IRP_MJ_CLOSE     E:\    SUCCESS       
+ 
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:\test.txt    SUCCE
+SS    Options: Open  Access: All    
18:06:33    System:4008    IRP_MJ_CLEANUP    E:    SUCCESS        
18:06:33    notepad.exe:4008    IRP_MJ_CLOSE     E:\test.txt    SUCCES
+S        
18:06:33    notepad.exe:4008    IRP_MJ_QUERY_VOLUME_INFORMATION    E:\
+test.txt    BUFFER OVERFLOW    FileFsVolumeInformation    
18:06:33    notepad.exe:4008    IRP_MJ_QUERY_INFORMATION    E:\test.tx
+t    BUFFER OVERFLOW    FileAllInformation    
18:06:33    notepad.exe:4008    FASTIO_QUERY_STANDARD_INFO    E:\test.
+txt    SUCCESS    Length: 512    
18:06:33    notepad.exe:4008    IRP_MJ_CLEANUP    E:\test.txt    SUCCE
+SS        
18:06:33    notepad.exe:4008    IRP_MJ_CLOSE     E:\test.txt    SUCCES
+S        
18:06:33    System:4    IRP_MJ_QUERY_INFORMATION    E:\test.txt    SUC
+CESS    FileNameInformation    
18:06:33    System:4    IRP_MJ_CREATE     E:    SUCCESS    Options: Op
+en  Access: All    
18:06:33    System:4    IRP_MJ_QUERY_VOLUME_INFORMATION    E:    BUFFE
+R OVERFLOW    FileFsVolumeInformation    
18:06:33    System:4    IRP_MJ_CLEANUP    E:    SUCCESS        
18:06:33    System:4    IRP_MJ_CLOSE     E:    SUCCESS        
18:06:33    notepad.exe:4008    FASTIO_QUERY_OPEN    E:\test.txt    SU
+CCESS    Attributes: A    
18:06:33    notepad.exe:4008    IRP_MJ_CREATE     E:\    SUCCESS    Op
+tions: Open Directory  Access: All    
18:06:33    notepad.exe:4008    IRP_MJ_DIRECTORY_CONTROL    E:\    SUC
+CESS    FileBothDirectoryInformation: test.txt    
18:06:33    notepad.exe:4008    IRP_MJ_CLEANUP    E:\    SUCCESS      
+  
18:06:33    notepad.exe:4008    IRP_MJ_CLOSE     E:\    SUCCESS       
+ 
18:06:35    notepad.exe:4008    IRP_MJ_CLEANUP    E:\    SUCCESS      
+  
18:06:35    notepad.exe:4008    IRP_MJ_CLOSE     E:\    SUCCESS
[download]