Skip to content

Install from .exe freezes, some commands won't run #1374

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
fredbutters opened this issue Nov 22, 2017 · 23 comments
Closed

Install from .exe freezes, some commands won't run #1374

fredbutters opened this issue Nov 22, 2017 · 23 comments
Labels
pending-answer unclear

Comments

@fredbutters
Copy link

fredbutters commented Nov 22, 2017
edited
Loading

  • [x ] I was not able to find an open or closed issue matching what I'm seeing

There is a ticket (581) for the installer freezing, but I'm unsure if it's related to some of the commands not working

Setup

  • Which version of Git for Windows are you using? Is it 32-bit or 64-bit?
$ git --version --build-options

git 2.15.0 and 2.14.2 (I tried both, same issue) 64-bit 
git version 2.14.2.windows.1
built from commit: 788debdfb6b794425a3b949dd1a0eb2425a72e96
sizeof-long: 4
machine: x86_64
  • Which version of Windows are you running? Vista, 7, 8, 10? Is it 32-bit or 64-bit?
$ cmd.exe /c ver

Windows 10 (64 bit)
Microsoft Windows [Version 10.0.14393]
  • What options did you set as part of the installation? Or did you choose the
    defaults?
# One of the following:
> type "C:\Program Files\Git\etc\install-options.txt"
> type "C:\Program Files (x86)\Git\etc\install-options.txt"
> type "%USERPROFILE%\AppData\Local\Programs\Git\etc\install-options.txt"
$ cat /etc/install-options.txt

Path Option: Cmd
SSH Option: OpenSSH
CURL Option: OpenSSL
CRLF Option: CRLFAlways
Bash Terminal Option: MinTTY
Performance Tweaks FSCache: Enabled
Use Credential Manager: Enabled
Enable Symlinks: Disabled
  • Any other interesting things about your environment that might be related
    to the issue you're seeing?
None that I know of

Details

  • Which terminal/shell are you running Git from? e.g Bash/CMD/PowerShell/other
CMD

These commands do not work. 
`git-push`
`git-stash`

These commands do work 
`git-status, branch, checkout, add, commit`
  • What did you expect to occur after running these commands?
Just expected them to work
  • What actually happened instead?
Hitting enter, the cursor just goes to the next line and sits there. I've waited up to 10 minutes without anything happening
  • If the problem was occurring with a specific repository, can you provide the
    URL to that repository to help us with testing?
Local repo and react have the same symptoms (https://github.com/facebook/react.git)
@dscho
Copy link
Member

dscho commented Nov 25, 2017

Thank you for your report.

Sadly, these instructions do not repeat the issue here (and hence the V in MVCE is not fulfilled).

Could you try again after setting the environment variable GIT_TRACE=1, and possibly monitoring what is going on using Process Monitor?

@dscho dscho added the unclear label Nov 25, 2017
@fredbutters
Copy link
Author

I ran set GIT_TRACE=1 from a Windows admin cmd window then tried running git stash again with Process Monitor running with a filter for process name = git.exe. The output in the cmd window is below, but process monitor is showing around 1,800 lines - is there anything I should be looking for? Thanks

C:\Users\<username>\Source\Repos\>git stash
09:22:37.893518 git.c:572               trace: exec: 'git-stash'
09:22:37.897032 run-command.c:626       trace: run_command: 'git-stash'

@fredbutters
Copy link
Author

fredbutters commented Nov 27, 2017
edited
Loading

If it helps, when I try to open git bash a window pops up with the title /usr/bin/bash --login -i but I'm not able to run any commands and there's not real cmd prompt. I can type text into the window but it almost acts like a text editor. I can type stuff and hit enter, which just moves the cursor to the next line and I can keep typing. That's all it does.

If I close the window it takes about 10 seconds before finally closing

@dscho
Copy link
Member

dscho commented Nov 27, 2017

process monitor is showing around 1,800 lines - is there anything I should be looking for?

You would be looking for suspicious activity during the time that git stash freezes. It may even be an antivirus taking too long...

@fredbutters
Copy link
Author

fredbutters commented Nov 28, 2017
edited
Loading

I think I'm having the same issue as #815 . The resolution on #815 was to use 2.11.0 but I tried that version and had the same problems. So far I've tried 2.11.0, 2.14.1, 2.14.2 and 2.15.0. I don't have any anti-virus running and I've disabled Windows Defender (just in case)

After the install freezes I see two instances of bash.exe and one mkdir.exe that are "stuck." If I kill he bash exe's in Task Manager the installer finishes but git-bash still doesn't work and git stash still freezes.

On another install I killed the installer and tried to uninstall but got a warning that bash.exe and mkdir.exe are in use and I need to stop them before uninstalling.

I looked at the process mon log but I honestly have no idea what I'm seeing. I could paste the whole thing in here if someone is willing to check it out but it's usually over 1,100 lines

@fredbutters
Copy link
Author

git pull isn't working either, I just noticed that. I think I pulled from within Visual Studio 2017. I enabled GIT_TRACE and it just freezes at this point.

C:\Users\<username>\Source\Repos\>git pull
16:31:18.347103 git.c:340               trace: built-in: git 'pull'
16:31:18.350600 run-command.c:626       trace: run_command: 'fetch' '--update-head-ok'
16:31:18.370820 git.c:340               trace: built-in: git 'fetch' '--update-head-ok'
16:31:18.377324 run-command.c:626       trace: run_command: 'remote-http' 'origin' 'http://tfs:8080/tfs/_git/branch'
16:31:18.395812 git.c:572               trace: exec: 'git-remote-http' 'origin' 'http://tfs:8080/tfs/_git/branch'
16:31:18.397312 run-command.c:626       trace: run_command: 'git-remote-http' 'origin' 'http://tfs:8080/tfs/_git/branch'
16:31:18.441021 run-command.c:626       trace: run_command: 'git credential-manager get'

@dscho
Copy link
Member

dscho commented Nov 29, 2017

It looks like your Bash freezes somewhere during startup (yes, Bash is used to launch credential-manager...).

Could you download the portable Git (which does not install into your Start Menu) and verify that the problem persists when you double-click git-bash.exe in the unpacked directory?

If it does, could you insert the line set -x somewhere early in the file etc\profile and then start git-bash.exe again? This should give us an idea where in the startup things get stuck.

@dori4n
Copy link

dori4n commented Nov 29, 2017

Microsoft Windows [Version 10.0.14393]

That's Windows 10 1607 (Anniversary Update), two major releases behind the current released stable version. Is there a particular reason, you are still running that and not 1703 (Creators Update) or the recently released 1709 (Fall Creators Update)? Did you run into problems upgrading? Are you installing updates at all?
Running dism /online /Cleanup-Image /RestoreHealth from an elevated command prompt may resolve the issue.

git-bash does also not work with DEP or ASLR enabled, causing similar behavior (see #1196), because the Windows binaries are built using MSYS2 or MinGW derivative build systems, which do not provide PE executables with relocatable base addresses. Normally, this would be as easy as passing the --dynamicbase command line option to MinGW when building, but that has been broken for years.

@dscho
Copy link
Member

dscho commented Nov 29, 2017

The Windows version, as well as the Address Space Layout Randomization, are unlikely to be the culprit: @fredbutters mentioned that Bash's startup process manages to execute all the way to a mkdir.exe. That means that the MSYS2 runtime is starting up, and mkdir.exe is not a program calling fork() (which would trigger the problem with ASLR reported elsewhere).

@fredbutters if you would not mind inserting that set -x, that will bring us farther along in finding out what is happening and how to fix it.

@AlphaZuluLima
Copy link

I am having what seems to be exactly the same problem that @fredbutters was having.

These are the settings I have:
set GIT_TRACE=1
set x added to etc\profile

This is the output that I see:

+ MSYS2_PATH=/usr/local/bin:/usr/bin:/bin
+ MANPATH=/usr/local/man:/usr/share/man:/usr/man:/share/man
+ INFOPATH=/usr/local/info:/usr/share/info:/usr/info:/share/info
+ case "${MSYS2_PATH_TYPE:-inherit}" in
+ ORIGINAL_PATH='/mingw64/bin:/usr/bin:/h/bin:/cmd:/c/Windows/system32:/c/Windows:/c/Windows/System32/Wbem:/c/Windows/System32/WindowsPowerShell/v1.0:/c/Program Files/COMPANY/cfn-bootstrap:/c/Program Files (x86)/Quarantine:/c/Program Files/PuTTY:/cmd:/d/Users/USERNAME/AppData/Local/Microsoft/WindowsApps'
+ unset MINGW_MOUNT_POINT
+ source /etc/msystem
++ export MSYSTEM=MINGW64
++ MSYSTEM=MINGW64
++ unset MSYSTEM_PREFIX
++ unset MSYSTEM_CARCH
++ unset MSYSTEM_CHOST
++ unset MINGW_CHOST
++ unset MINGW_PREFIX
++ unset MINGW_PACKAGE_PREFIX
++ unset CONFIG_SITE
++ case "${MSYSTEM}" in
++ MSYSTEM_PREFIX=/mingw64
++ MSYSTEM_CARCH=x86_64
++ MSYSTEM_CHOST=x86_64-w64-mingw32
++ MINGW_CHOST=x86_64-w64-mingw32
++ MINGW_PREFIX=/mingw64
++ MINGW_PACKAGE_PREFIX=mingw-w64-x86_64
++ CONFIG_SITE=/mingw64/etc/config.site
++ export MSYSTEM_PREFIX MSYSTEM_CARCH MSYSTEM_CHOST MINGW_CHOST MINGW_PREFIX MINGW_PACKAGE_PREFIX CONFIG_SITE
+ case "${MSYSTEM}" in
+ MINGW_MOUNT_POINT=/mingw64
+ PATH='/mingw64/bin:/usr/local/bin:/usr/bin:/bin:/mingw64/bin:/usr/bin:/h/bin:/cmd:/c/Windows/system32:/c/Windows:/c/Windows/System32/Wbem:/c/Windows/System32/WindowsPowerShell/v1.0:/c/Program Files/COMPANY/cfn-bootstrap:/c/Program Files (x86)/Quarantine:/c/Program Files/PuTTY:/cmd:/d/Users/USERNAME/AppData/Local/Microsoft/WindowsApps'
+ PKG_CONFIG_PATH=/mingw64/lib/pkgconfig:/mingw64/share/pkgconfig
+ ACLOCAL_PATH=/mingw64/share/aclocal:/usr/share/aclocal
+ MANPATH=/mingw64/share/man:/usr/local/man:/usr/share/man:/usr/man:/share/man
+ MAYBE_FIRST_START=false
+ SYSCONFDIR=/etc
+ ORIGINAL_TMP=/tmp
+ ORIGINAL_TEMP=/tmp
+ case "$TMP" in
+ case "$TEMP" in
+ test -d ''
+ test '!' -d /tmp
+ TMPDIR=/tmp
+ export TMPDIR
++ export LC_COLLATE=C
++ LC_COLLATE=C
++ echo /etc/post-install/01-devices.post /etc/post-install/03-mtab.post /etc/post-install/06-windows-files.post /etc/post-install/99-post-install-cleanup.post
+ for postinst in $(export LC_COLLATE=C; echo /etc/post-install/*.post)
+ '[' -e /etc/post-install/01-devices.post ']'
+ . /etc/post-install/01-devices.post
++ maybe_create_devs
++ local DEVDIR=/dev
++ '[' -e /dev -a '!' -d /dev ']'
++ mkdir -m 755 /dev

@AlphaZuluLima
Copy link

Nothing has changed in the /usr/bin/bash --login -i window in hours.

@dscho
Copy link
Member

dscho commented Dec 1, 2017

@AlphaZuluLima thanks for testing this. Does the directory C:\Program Files\Git\dev exist at that stage? What file system do you use on C:? Does it work if you edit C:\Program Files\Git\etc\post-install'01-devices.post (as administrator) and delete the -m 755 in mkdir -m 755 /dev?

@AlphaZuluLima
Copy link

Does the directory C:\Program Files\Git\dev exist at that stage?
No

What file system do you use on C:?
NTFS

Does it work if you edit C:\Program Files\Git\etc\post-install\01-devices.post (as administrator) and delete the -m 755 in mkdir -m 755 /dev?
No. I still hangs here:

++ maybe_create_devs
++ local DEVDIR=/dev
++ '[' -e /dev -a '!' -d /dev ']'
++ mkdir /dev

@dscho
Copy link
Member

dscho commented Dec 1, 2017

Hm. Sorry. I hoped this would shed some light into the issue.

Would you kindly try again while running ProcMon? I hope to find out what is happening there...

@fredbutters
Copy link
Author

Apologies for the late reply. I can run ProcMon and paste the output here. Can I filter it by ProcessName=git.exe or do you need more than that?

@dscho
Copy link
Member

dscho commented Dec 7, 2017

Can I filter it by ProcessName=git.exe or do you need more than that?

I think the best would be to filter by C:\Program Files\Git, and to see whether there are notable lags (i.e. differences between consecutive timestamps) in the log.

@fredbutters
Copy link
Author

fredbutters commented Dec 8, 2017
edited
Loading

Filtering by that path C:\Program Files\Git gave me no results. Here is the log filtered by ProcessName=git.exe when I run git stash. I can try something else if this doesn't help.

10:11:00.2499139 AM	git.exe	22684	Process Start		SUCCESS	Parent PID: 4000, Command line: git  stash, Current directory: C:\Users\<username>\Source\Repos\WebSite\, Environment: 
	=C:=C:\Users\<username>\Source\Repos\WebSite
	=ExitCode=C000013A
	ALLUSERSPROFILE=C:\ProgramData
	APPDATA=C:\Users\<username>\AppData\Roaming
	CommonProgramFiles=C:\Program Files (x86)\Common Files
	CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
	CommonProgramW6432=C:\Program Files\Common Files
	COMPLUS_InstallRoot=
	COMPLUS_Version=
	COMPUTERNAME=<MACHINENAME>
	ComSpec=C:\WINDOWS\system32\cmd.exe
	FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer
	FPS_BROWSER_USER_PROFILE_STRING=Default
	HOMEDRIVE=C:
	HOMEPATH=\Users\<username>
	IIS_BIN=C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE
	IIS_DRIVE=C:
	IIS_SITES_HOME=C:\Users\<username>\Documents\My Web Sites
	IIS_USER_HOME=C:\Users\<username>\Documents\IISExpress
	LOCALAPPDATA=C:\Users\<username>\AppData\Local
	LOGONSERVER=\\<DOMAINCONTROLLER>
	MSBuildLoadMicrosoftTargetsReadOnly=true
	NUMBER_OF_PROCESSORS=8
	OS=Windows_NT
	Path=.\node_modules\.bin;C:\Program Files (x86)\iis express\PHP\v5.6;C:\WINDOWS\system32\inetsrv;C:\Program Files (x86)\iis express\PHP\v5.5;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Users\<username>\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio\;C:\CompanyNameDev\Tools\tf.exe;C:\Program Files\nodejs;C:\Program Files (x86)\Bitvise SSH Client;C:\batch;C:\Program Files\nodejs\;C:\Program Files\dotnet\;C:\Program Files (x86)\Microsoft Team Foundation Server 2015 Power Tools\;C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer;C:\Program Files (x86)\GitExtensions\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Microsoft VS Code\bin;C:\Users\<username>\AppData\Local\Microsoft\WindowsApps;C:\Users\<username>\AppData\Local\Programs\Fiddler;C:\Users\<username>\AppData\Local\Yarn\bin;C:\Users\<username>\AppData\Roaming\npm;C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\Extensions\Microsoft\Web Tools\External
	PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
	PkgDefApplicationConfigFile=C:\Users\<username>\AppData\Local\Microsoft\VisualStudio\15.0_fd8d9c66\devenv.exe.config
	PROCESSOR_ARCHITECTURE=x86
	PROCESSOR_ARCHITEW6432=AMD64
	PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
	PROCESSOR_LEVEL=6
	PROCESSOR_REVISION=3c03
	ProgramData=C:\ProgramData
	ProgramFiles=C:\Program Files (x86)
	ProgramFiles(x86)=C:\Program Files (x86)
	ProgramW6432=C:\Program Files
	PROMPT=$P$G
	PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\PowerShell\Modules\
	PUBLIC=C:\Users\Public
	QT_DEVICE_PIXEL_RATIO=auto
	SystemDrive=C:
	SystemRoot=C:\WINDOWS
	TEMP=C:\Users\<user>~1.<user>\AppData\Local\Temp
	TFSPowerToolDir=C:\Program Files (x86)\Microsoft Team Foundation Server 2015 Power Tools\
	TMP=C:\Users\<user>~1.<user>\AppData\Local\Temp
	USERDNSDOMAIN=CompanyName.NET
	USERDOMAIN=CompanyName
	USERDOMAIN_ROAMINGPROFILE=CompanyName
	USERNAME=<username>
	USERPROFILE=C:\Users\<username>
	VisualStudioDir=C:\Users\<username>\Documents\Visual Studio 2017
	VisualStudioEdition=Microsoft Visual Studio Professional 2017
	VisualStudioVersion=15.0
	VS140COMNTOOLS=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\
	VSAPPIDDIR=C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\
	VSAPPIDNAME=devenv.exe
	VSLANG=1033
	VSSKUEDITION=Professional
	windir=C:\WINDOWS
	__COMPAT_LAYER=Installer
10:11:00.2499461 AM	git.exe	22684	Thread Create		SUCCESS	Thread ID: 23200
10:11:00.2550203 AM	git.exe	22684	Load Image	C:\Program Files\Git\cmd\git.exe	SUCCESS	Image Base: 0xa90000, Image Size: 0x51000
10:11:00.2550922 AM	git.exe	22684	Load Image	C:\Windows\System32\ntdll.dll	SUCCESS	Image Base: 0x7ffb28290000, Image Size: 0x1d2000
10:11:00.2552783 AM	git.exe	22684	CreateFile	C:\Windows\Prefetch\GIT.EXE-52A8D03B.pf	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
10:11:00.2554215 AM	git.exe	22684	QuerySecurityFile	C:\Windows\Prefetch\GIT.EXE-52A8D03B.pf	SUCCESS	Information: Attribute
10:11:00.2554371 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\Prefetch\GIT.EXE-52A8D03B.pf	SUCCESS	AllocationSize: 8,192, EndOfFile: 4,898, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.2554657 AM	git.exe	22684	ReadFile	C:\Windows\Prefetch\GIT.EXE-52A8D03B.pf	SUCCESS	Offset: 0, Length: 4,898, Priority: Normal
10:11:00.2555973 AM	git.exe	22684	CloseFile	C:\Windows\Prefetch\GIT.EXE-52A8D03B.pf	SUCCESS	
10:11:00.2643875 AM	git.exe	22684	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap	REPARSE	Desired Access: Query Value
10:11:00.2645410 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap	NAME NOT FOUND	Desired Access: Query Value
10:11:00.2650814 AM	git.exe	22684	CreateFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.2651390 AM	git.exe	22684	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Information: Attribute
10:11:00.2653077 AM	git.exe	22684	Load Image	C:\Windows\System32\kernel32.dll	SUCCESS	Image Base: 0x7ffb281e0000, Image Size: 0xac000
10:11:00.2654304 AM	git.exe	22684	Load Image	C:\Windows\System32\KernelBase.dll	SUCCESS	Image Base: 0x7ffb24a30000, Image Size: 0x21d000
10:11:00.2669561 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\05f95efe-7f75-49c7-a994-60a55cc09571	NAME NOT FOUND	Length: 524
10:11:00.2672636 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Terminal Server	REPARSE	Desired Access: Read
10:11:00.2673537 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Terminal Server	SUCCESS	Desired Access: Read
10:11:00.2674586 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat	NAME NOT FOUND	Length: 548
10:11:00.2675023 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.2675594 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Terminal Server	SUCCESS	
10:11:00.2678325 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	REPARSE	Desired Access: Query Value, Set Value
10:11:00.2678914 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	NAME NOT FOUND	Desired Access: Query Value, Set Value
10:11:00.2679472 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Srp\GP\DLL	REPARSE	Desired Access: Read
10:11:00.2679869 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Srp\GP\DLL	NAME NOT FOUND	Desired Access: Read
10:11:00.2680347 AM	git.exe	22684	RegOpenKey	HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	SUCCESS	Desired Access: Query Value
10:11:00.2681520 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled	NAME NOT FOUND	Length: 80
10:11:00.2681837 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers	SUCCESS	
10:11:00.2682350 AM	git.exe	22684	RegOpenKey	HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	NAME NOT FOUND	Desired Access: Query Value
10:11:00.2688459 AM	git.exe	22684	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2689321 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:10:59 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.2689553 AM	git.exe	22684	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.2691721 AM	git.exe	22684	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2694314 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\apphelp.dll	SUCCESS	Information: Attribute
10:11:00.2694667 AM	git.exe	22684	ReadFile	C:\Windows\System32\apphelp.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.2695327 AM	git.exe	22684	ReadFile	C:\Windows\System32\apphelp.dll	SUCCESS	Offset: 248, Length: 26
10:11:00.2695858 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	AllocationSize: 483,328, EndOfFile: 481,280, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.2696202 AM	git.exe	22684	QueryFileInternalInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	IndexNumber: 0x500000007bbfa
10:11:00.2696470 AM	git.exe	22684	QueryInformationVolume	C:\Windows\System32\apphelp.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.2696880 AM	git.exe	22684	CreateFileMapping	C:\Windows\System32\apphelp.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.2697219 AM	git.exe	22684	CreateFileMapping	C:\Windows\System32\apphelp.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.2698014 AM	git.exe	22684	Load Image	C:\Windows\System32\apphelp.dll	SUCCESS	Image Base: 0x7ffb22b30000, Image Size: 0x7a000
10:11:00.2701619 AM	git.exe	22684	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2702431 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	CreationTime: 7/13/2016 10:30:20 PM, LastAccessTime: 12/8/2017 10:10:59 AM, LastWriteTime: 7/13/2016 10:30:20 PM, ChangeTime: 12/6/2017 4:03:04 PM, FileAttributes: A
10:11:00.2702663 AM	git.exe	22684	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.2704399 AM	git.exe	22684	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2705087 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.2705475 AM	git.exe	22684	ReadFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.2706010 AM	git.exe	22684	ReadFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Offset: 240, Length: 26
10:11:00.2706278 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	AllocationSize: 86,016, EndOfFile: 85,816, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.2706698 AM	git.exe	22684	QueryFileInternalInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	IndexNumber: 0x140000000ed999
10:11:00.2707028 AM	git.exe	22684	QueryInformationVolume	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.2707362 AM	git.exe	22684	CreateFileMapping	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.2707777 AM	git.exe	22684	CreateFileMapping	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.2708474 AM	git.exe	22684	Load Image	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Image Base: 0x7ffb21990000, Image Size: 0x17000
10:11:00.2709513 AM	git.exe	22684	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.2710187 AM	git.exe	22684	RegOpenKey	HKCU\Control Panel\Desktop\MuiCached\MachineLanguageConfiguration	NAME NOT FOUND	Desired Access: Read
10:11:00.2710584 AM	git.exe	22684	RegCloseKey	HKCU	SUCCESS	
10:11:00.2710892 AM	git.exe	22684	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.2711486 AM	git.exe	22684	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.2712271 AM	git.exe	22684	RegOpenKey	HKCU\Software\Policies\Microsoft\Control Panel\Desktop	NAME NOT FOUND	Desired Access: Read
10:11:00.2712771 AM	git.exe	22684	RegOpenKey	HKCU\Control Panel\Desktop\LanguageConfiguration	SUCCESS	Desired Access: Read
10:11:00.2713338 AM	git.exe	22684	RegEnumValue	HKCU\Control Panel\Desktop\LanguageConfiguration	NO MORE ENTRIES	Index: 0, Length: 512
10:11:00.2713637 AM	git.exe	22684	RegCloseKey	HKCU\Control Panel\Desktop\LanguageConfiguration	SUCCESS	
10:11:00.2713775 AM	git.exe	22684	RegCloseKey	HKCU	SUCCESS	
10:11:00.2713971 AM	git.exe	22684	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.2714373 AM	git.exe	22684	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.2714739 AM	git.exe	22684	RegOpenKey	HKCU\Software\Policies\Microsoft\Control Panel\Desktop	NAME NOT FOUND	Desired Access: Read
10:11:00.2715007 AM	git.exe	22684	RegOpenKey	HKCU\Control Panel\Desktop	SUCCESS	Desired Access: Read
10:11:00.2715431 AM	git.exe	22684	RegQueryValue	HKCU\Control Panel\Desktop\PreferredUILanguages	BUFFER OVERFLOW	Length: 12
10:11:00.2715707 AM	git.exe	22684	RegQueryValue	HKCU\Control Panel\Desktop\PreferredUILanguages	SUCCESS	Type: REG_MULTI_SZ, Length: 12, Data: en-US
10:11:00.2715966 AM	git.exe	22684	RegCloseKey	HKCU\Control Panel\Desktop	SUCCESS	
10:11:00.2716087 AM	git.exe	22684	RegCloseKey	HKCU	SUCCESS	
10:11:00.2716261 AM	git.exe	22684	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.2716604 AM	git.exe	22684	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.2717046 AM	git.exe	22684	RegOpenKey	HKCU\Control Panel\Desktop\MuiCached	SUCCESS	Desired Access: Read
10:11:00.2717666 AM	git.exe	22684	RegQueryValue	HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages	BUFFER OVERFLOW	Length: 12
10:11:00.2718028 AM	git.exe	22684	RegQueryValue	HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages	SUCCESS	Type: REG_MULTI_SZ, Length: 12, Data: en-US
10:11:00.2718452 AM	git.exe	22684	RegCloseKey	HKCU\Control Panel\Desktop\MuiCached	SUCCESS	
10:11:00.2718684 AM	git.exe	22684	RegCloseKey	HKCU	SUCCESS	
10:11:00.2719692 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	Desired Access: Read
10:11:00.2720362 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest	NAME NOT FOUND	Length: 20
10:11:00.2721031 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	
10:11:00.2723499 AM	git.exe	22684	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2724556 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.2724833 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	CreationTime: 7/13/2016 10:30:20 PM, LastAccessTime: 12/8/2017 10:10:59 AM, LastWriteTime: 7/13/2016 10:30:20 PM, ChangeTime: 12/6/2017 4:03:04 PM, FileAttributes: A
10:11:00.2726408 AM	git.exe	22684	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.2727832 AM	git.exe	22684	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.2731143 AM	git.exe	22684	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Lsa	REPARSE	Desired Access: Query Value
10:11:00.2731754 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	Desired Access: Query Value
10:11:00.2732424 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\LsaPid	SUCCESS	Type: REG_DWORD, Length: 4, Data: 900
10:11:00.2732892 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	
10:11:00.2873594 AM	git.exe	22684	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.2874718 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\8ccca27d-f1d8-4dda-b5dd-339aee937731	NAME NOT FOUND	Length: 524
10:11:00.2876120 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	Desired Access: Query Value
10:11:00.2876999 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\LogFlags	NAME NOT FOUND	Length: 20
10:11:00.2877360 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	
10:11:00.2877954 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\18608e62-a628-49d9-8c02-55972e097d24	NAME NOT FOUND	Length: 524
10:11:00.2879520 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	Desired Access: Query Value
10:11:00.2880189 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\ShowDebugInfo	NAME NOT FOUND	Length: 20
10:11:00.2880488 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	
10:11:00.2884647 AM	git.exe	22684	CreateFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2886678 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Attribute
10:11:00.2887503 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	BUFFER OVERFLOW	Information: Owner
10:11:00.2887829 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Owner
10:11:00.2888213 AM	git.exe	22684	CloseFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	
10:11:00.2891105 AM	git.exe	22684	CreateFile	C:\Windows\System32\ntdll.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2892247 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ntdll.dll	SUCCESS	Information: Attribute
10:11:00.2892528 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ntdll.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.2892773 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ntdll.dll	SUCCESS	Information: Owner
10:11:00.2893251 AM	git.exe	22684	CloseFile	C:\Windows\System32\ntdll.dll	SUCCESS	
10:11:00.2896513 AM	git.exe	22684	CreateFile	C:\Windows\System32\kernel32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2897655 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel32.dll	SUCCESS	Information: Attribute
10:11:00.2897950 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.2898463 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel32.dll	SUCCESS	Information: Owner
10:11:00.2898936 AM	git.exe	22684	CloseFile	C:\Windows\System32\kernel32.dll	SUCCESS	
10:11:00.2902417 AM	git.exe	22684	CreateFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2903434 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Information: Attribute
10:11:00.2903818 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.2904144 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Information: Owner
10:11:00.2904425 AM	git.exe	22684	CloseFile	C:\Windows\System32\KernelBase.dll	SUCCESS	
10:11:00.2908040 AM	git.exe	22684	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2909070 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.2909597 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.2909887 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Owner
10:11:00.2910155 AM	git.exe	22684	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.2913752 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.2916746 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.2917045 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.2917451 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.2918031 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.2918299 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.2919173 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.2923636 AM	git.exe	22684	CreateFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.2924876 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Attribute
10:11:00.2925448 AM	git.exe	22684	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.2926554 AM	git.exe	22684	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.2927170 AM	git.exe	22684	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.2927692 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.2930986 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.2933993 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.2934328 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:26:31 PM, LastAccessTime: 10/17/2017 2:26:31 PM, LastWriteTime: 9/17/2017 5:09:15 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.2934993 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	
10:11:00.2937831 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.2940392 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.2940941 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:25:46 PM, LastAccessTime: 10/17/2017 2:25:46 PM, LastWriteTime: 9/17/2017 5:15:39 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.2941544 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.2942534 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 10/30/2017 10:19:00 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.2943248 AM	git.exe	22684	CloseFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	
10:11:00.2946412 AM	git.exe	22684	CreateFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.2947564 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Attribute
10:11:00.2948237 AM	git.exe	22684	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.2949541 AM	git.exe	22684	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.2950009 AM	git.exe	22684	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.2950375 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.2950678 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 10/30/2017 10:19:00 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.2951468 AM	git.exe	22684	CloseFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	
10:11:00.2954030 AM	git.exe	22684	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager	REPARSE	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.2954637 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.2955342 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies	NAME NOT FOUND	Length: 24
10:11:00.2956676 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	
10:11:00.2957734 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.2963325 AM	git.exe	22684	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2964561 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.2965079 AM	git.exe	22684	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.2972286 AM	git.exe	22684	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.2974231 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.2975235 AM	git.exe	22684	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.2982224 AM	git.exe	22684	Load Image	C:\Windows\System32\msvcrt.dll	SUCCESS	Image Base: 0x7ffb258b0000, Image Size: 0x9e000
10:11:00.2984227 AM	git.exe	22684	Load Image	C:\Windows\System32\shell32.dll	SUCCESS	Image Base: 0x7ffb26ae0000, Image Size: 0x1508000
10:11:00.2993706 AM	git.exe	22684	Load Image	C:\Windows\System32\cfgmgr32.dll	SUCCESS	Image Base: 0x7ffb24dd0000, Image Size: 0x42000
10:11:00.2998815 AM	git.exe	22684	Load Image	C:\Windows\System32\windows.storage.dll	SUCCESS	Image Base: 0x7ffb24e20000, Image Size: 0x6d8000
10:11:00.3002755 AM	git.exe	22684	Load Image	C:\Windows\System32\combase.dll	SUCCESS	Image Base: 0x7ffb26510000, Image Size: 0x2c8000
10:11:00.3004295 AM	git.exe	22684	Load Image	C:\Windows\System32\ucrtbase.dll	SUCCESS	Image Base: 0x7ffb25680000, Image Size: 0xf5000
10:11:00.3014144 AM	git.exe	22684	Load Image	C:\Windows\System32\rpcrt4.dll	SUCCESS	Image Base: 0x7ffb280b0000, Image Size: 0x121000
10:11:00.3017562 AM	git.exe	22684	Load Image	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Image Base: 0x7ffb24790000, Image Size: 0x6a000
10:11:00.3022426 AM	git.exe	22684	Load Image	C:\Windows\System32\powrprof.dll	SUCCESS	Image Base: 0x7ffb24730000, Image Size: 0x4c000
10:11:00.3024296 AM	git.exe	22684	Load Image	C:\Windows\System32\advapi32.dll	SUCCESS	Image Base: 0x7ffb26270000, Image Size: 0xa2000
10:11:00.3025639 AM	git.exe	22684	Load Image	C:\Windows\System32\sechost.dll	SUCCESS	Image Base: 0x7ffb25820000, Image Size: 0x59000
10:11:00.3027790 AM	git.exe	22684	Load Image	C:\Windows\System32\shlwapi.dll	SUCCESS	Image Base: 0x7ffb259c0000, Image Size: 0x52000
10:11:00.3029852 AM	git.exe	22684	Load Image	C:\Windows\System32\gdi32.dll	SUCCESS	Image Base: 0x7ffb25950000, Image Size: 0x34000
10:11:00.3032489 AM	git.exe	22684	Load Image	C:\Windows\System32\gdi32full.dll	SUCCESS	Image Base: 0x7ffb25500000, Image Size: 0x180000
10:11:00.3035773 AM	git.exe	22684	Load Image	C:\Windows\System32\user32.dll	SUCCESS	Image Base: 0x7ffb26100000, Image Size: 0x165000
10:11:00.3037322 AM	git.exe	22684	Load Image	C:\Windows\System32\win32u.dll	SUCCESS	Image Base: 0x7ffb24db0000, Image Size: 0x1e000
10:11:00.3039044 AM	git.exe	22684	Load Image	C:\Windows\System32\kernel.appcore.dll	SUCCESS	Image Base: 0x7ffb24780000, Image Size: 0xf000
10:11:00.3041003 AM	git.exe	22684	Load Image	C:\Windows\System32\SHCore.dll	SUCCESS	Image Base: 0x7ffb24d00000, Image Size: 0xa9000
10:11:00.3042913 AM	git.exe	22684	Load Image	C:\Windows\System32\profapi.dll	SUCCESS	Image Base: 0x7ffb24710000, Image Size: 0x14000
10:11:00.3068019 AM	git.exe	22684	CreateFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3069331 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Information: Attribute
10:11:00.3069621 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3069898 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Information: Owner
10:11:00.3070223 AM	git.exe	22684	CloseFile	C:\Windows\System32\msvcrt.dll	SUCCESS	
10:11:00.3073932 AM	git.exe	22684	CreateFile	C:\Windows\System32\cfgmgr32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3075181 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\cfgmgr32.dll	SUCCESS	Information: Attribute
10:11:00.3075480 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\cfgmgr32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3075819 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\cfgmgr32.dll	SUCCESS	Information: Owner
10:11:00.3076109 AM	git.exe	22684	CloseFile	C:\Windows\System32\cfgmgr32.dll	SUCCESS	
10:11:00.3079769 AM	git.exe	22684	CreateFile	C:\Windows\System32\ucrtbase.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3081067 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ucrtbase.dll	SUCCESS	Information: Attribute
10:11:00.3081630 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ucrtbase.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3081897 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\ucrtbase.dll	SUCCESS	Information: Owner
10:11:00.3082553 AM	git.exe	22684	CloseFile	C:\Windows\System32\ucrtbase.dll	SUCCESS	
10:11:00.3086212 AM	git.exe	22684	CreateFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3087386 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Information: Attribute
10:11:00.3087672 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3087935 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Information: Owner
10:11:00.3088198 AM	git.exe	22684	CloseFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	
10:11:00.3091902 AM	git.exe	22684	CreateFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3092777 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Information: Attribute
10:11:00.3093174 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3093477 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Information: Owner
10:11:00.3093883 AM	git.exe	22684	CloseFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	
10:11:00.3098939 AM	git.exe	22684	CreateFile	C:\Windows\System32\combase.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3100167 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\combase.dll	SUCCESS	Information: Attribute
10:11:00.3100475 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\combase.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3100751 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\combase.dll	SUCCESS	Information: Owner
10:11:00.3101126 AM	git.exe	22684	CloseFile	C:\Windows\System32\combase.dll	SUCCESS	
10:11:00.3105495 AM	git.exe	22684	CreateFile	C:\Windows\System32\powrprof.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3107106 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\powrprof.dll	SUCCESS	Information: Attribute
10:11:00.3107570 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\powrprof.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3107842 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\powrprof.dll	SUCCESS	Information: Owner
10:11:00.3108119 AM	git.exe	22684	CloseFile	C:\Windows\System32\powrprof.dll	SUCCESS	
10:11:00.3111916 AM	git.exe	22684	CreateFile	C:\Windows\System32\sechost.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3112938 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\sechost.dll	SUCCESS	Information: Attribute
10:11:00.3113242 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\sechost.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3113496 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\sechost.dll	SUCCESS	Information: Owner
10:11:00.3113773 AM	git.exe	22684	CloseFile	C:\Windows\System32\sechost.dll	SUCCESS	
10:11:00.3116923 AM	git.exe	22684	CreateFile	C:\Windows\System32\advapi32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3118204 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\advapi32.dll	SUCCESS	Information: Attribute
10:11:00.3118507 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\advapi32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3118980 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\advapi32.dll	SUCCESS	Information: Owner
10:11:00.3119212 AM	git.exe	22684	CloseFile	C:\Windows\System32\advapi32.dll	SUCCESS	
10:11:00.3122992 AM	git.exe	22684	CreateFile	C:\Windows\System32\win32u.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3124317 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\win32u.dll	SUCCESS	Information: Attribute
10:11:00.3124612 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\win32u.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3124866 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\win32u.dll	SUCCESS	Information: Owner
10:11:00.3125197 AM	git.exe	22684	CloseFile	C:\Windows\System32\win32u.dll	SUCCESS	
10:11:00.3128646 AM	git.exe	22684	CreateFile	C:\Windows\System32\user32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3129788 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\user32.dll	SUCCESS	Information: Attribute
10:11:00.3130110 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\user32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3130364 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\user32.dll	SUCCESS	Information: Owner
10:11:00.3130636 AM	git.exe	22684	CloseFile	C:\Windows\System32\user32.dll	SUCCESS	
10:11:00.3137062 AM	git.exe	22684	CreateFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3138771 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Information: Attribute
10:11:00.3139302 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3140583 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Information: Owner
10:11:00.3140887 AM	git.exe	22684	CloseFile	C:\Windows\System32\gdi32full.dll	SUCCESS	
10:11:00.3145291 AM	git.exe	22684	CreateFile	C:\Windows\System32\gdi32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3147081 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32.dll	SUCCESS	Information: Attribute
10:11:00.3147888 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3148174 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\gdi32.dll	SUCCESS	Information: Owner
10:11:00.3148451 AM	git.exe	22684	CloseFile	C:\Windows\System32\gdi32.dll	SUCCESS	
10:11:00.3155524 AM	git.exe	22684	CreateFile	C:\Windows\System32\shlwapi.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3157996 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shlwapi.dll	SUCCESS	Information: Attribute
10:11:00.3158281 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shlwapi.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3158683 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shlwapi.dll	SUCCESS	Information: Owner
10:11:00.3159013 AM	git.exe	22684	CloseFile	C:\Windows\System32\shlwapi.dll	SUCCESS	
10:11:00.3163038 AM	git.exe	22684	CreateFile	C:\Windows\System32\kernel.appcore.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3164105 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel.appcore.dll	SUCCESS	Information: Attribute
10:11:00.3164404 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel.appcore.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3164739 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\kernel.appcore.dll	SUCCESS	Information: Owner
10:11:00.3165033 AM	git.exe	22684	CloseFile	C:\Windows\System32\kernel.appcore.dll	SUCCESS	
10:11:00.3168831 AM	git.exe	22684	CreateFile	C:\Windows\System32\SHCore.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3170553 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\SHCore.dll	SUCCESS	Information: Attribute
10:11:00.3171089 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\SHCore.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3171481 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\SHCore.dll	SUCCESS	Information: Owner
10:11:00.3171749 AM	git.exe	22684	CloseFile	C:\Windows\System32\SHCore.dll	SUCCESS	
10:11:00.3176287 AM	git.exe	22684	CreateFile	C:\Windows\System32\profapi.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3178786 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\profapi.dll	SUCCESS	Information: Attribute
10:11:00.3179076 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\profapi.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3179349 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\profapi.dll	SUCCESS	Information: Owner
10:11:00.3179661 AM	git.exe	22684	CloseFile	C:\Windows\System32\profapi.dll	SUCCESS	
10:11:00.3183753 AM	git.exe	22684	CreateFile	C:\Windows\System32\windows.storage.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3184766 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\windows.storage.dll	SUCCESS	Information: Attribute
10:11:00.3185114 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\windows.storage.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3185462 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\windows.storage.dll	SUCCESS	Information: Owner
10:11:00.3185757 AM	git.exe	22684	CloseFile	C:\Windows\System32\windows.storage.dll	SUCCESS	
10:11:00.3189934 AM	git.exe	22684	CreateFile	C:\Windows\System32\shell32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3191299 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shell32.dll	SUCCESS	Information: Attribute
10:11:00.3191629 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shell32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3191995 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\shell32.dll	SUCCESS	Information: Owner
10:11:00.3192317 AM	git.exe	22684	CloseFile	C:\Windows\System32\shell32.dll	SUCCESS	
10:11:00.3196725 AM	git.exe	22684	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager	REPARSE	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3197413 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3198100 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies	NAME NOT FOUND	Length: 24
10:11:00.3198479 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	
10:11:00.3199274 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions	REPARSE	Desired Access: Read
10:11:00.3199992 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions	SUCCESS	Desired Access: Read
10:11:00.3201059 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\(Default)	SUCCESS	Type: REG_SZ, Length: 18, Data: 0006020E
10:11:00.3206280 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	REPARSE	Desired Access: Query Value
10:11:00.3207904 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	SUCCESS	Desired Access: Query Value
10:11:00.3209310 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.3209948 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	REPARSE	Desired Access: Query Value
10:11:00.3210599 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	Desired Access: Query Value
10:11:00.3211184 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	NAME NOT FOUND	Length: 20
10:11:00.3211492 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled	NAME NOT FOUND	Length: 20
10:11:00.3211777 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	SUCCESS	
10:11:00.3212001 AM	git.exe	22684	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	
10:11:00.3212331 AM	git.exe	22684	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration	REPARSE	Desired Access: Query Value
10:11:00.3212889 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration	NAME NOT FOUND	Desired Access: Query Value
10:11:00.3214807 AM	git.exe	22684	RegOpenKey	HKLM	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.3215615 AM	git.exe	22684	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.3216137 AM	git.exe	22684	RegOpenKey	HKLM\SOFTWARE\Microsoft\OLE	SUCCESS	Desired Access: Read
10:11:00.3216807 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Ole\PageAllocatorUseSystemHeap	NAME NOT FOUND	Length: 144
10:11:00.3217199 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Ole	SUCCESS	
10:11:00.3217610 AM	git.exe	22684	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.3218310 AM	git.exe	22684	RegOpenKey	HKLM\SOFTWARE\Microsoft\OLE	SUCCESS	Desired Access: Read
10:11:00.3218980 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Ole\PageAllocatorSystemHeapIsPrivate	NAME NOT FOUND	Length: 144
10:11:00.3219337 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Ole	SUCCESS	
10:11:00.3219582 AM	git.exe	22684	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.3219935 AM	git.exe	22684	RegOpenKey	HKLM\SOFTWARE\Microsoft\OLE	SUCCESS	Desired Access: Read
10:11:00.3220537 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Ole\AggressiveMTATesting	NAME NOT FOUND	Length: 144
10:11:00.3220841 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Ole	SUCCESS	
10:11:00.3221755 AM	git.exe	22684	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.3222233 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\OLE\Tracing	NAME NOT FOUND	Desired Access: Read
10:11:00.3224968 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\1aff6089-e863-4d36-bdfd-3581f07440be	NAME NOT FOUND	Length: 524
10:11:00.3234656 AM	git.exe	22684	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3236200 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.3237164 AM	git.exe	22684	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3242180 AM	git.exe	22684	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3244719 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Attribute
10:11:00.3245058 AM	git.exe	22684	CreateFileMapping	C:\Windows\System32\imm32.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3245389 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	AllocationSize: 176,128, EndOfFile: 175,672, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3246076 AM	git.exe	22684	CreateFileMapping	C:\Windows\System32\imm32.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3247040 AM	git.exe	22684	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3248923 AM	git.exe	22684	Load Image	C:\Windows\System32\imm32.dll	SUCCESS	Image Base: 0x7ffb25880000, Image Size: 0x2e000
10:11:00.3253738 AM	git.exe	22684	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3254934 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Attribute
10:11:00.3255269 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\imm32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3255576 AM	git.exe	22684	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Owner
10:11:00.3256045 AM	git.exe	22684	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3263065 AM	git.exe	22684	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3264136 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.3264421 AM	git.exe	22684	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3273467 AM	git.exe	22684	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3274564 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.3274970 AM	git.exe	22684	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3276345 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Error Message Instrument\	REPARSE	Desired Access: Read
10:11:00.3277041 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Error Message Instrument	NAME NOT FOUND	Desired Access: Read
10:11:00.3278014 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\f25bcd2e-2690-55dc-3bc4-07b65b1b41c9	NAME NOT FOUND	Length: 524
10:11:00.3279067 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	Desired Access: Read
10:11:00.3279937 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles	NAME NOT FOUND	Length: 20
10:11:00.3280357 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	
10:11:00.3281521 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Compatibility32	SUCCESS	Desired Access: Read
10:11:00.3282284 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32\git	NAME NOT FOUND	Length: 172
10:11:00.3282655 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32	SUCCESS	
10:11:00.3283137 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\IME Compatibility	NAME NOT FOUND	Desired Access: Read
10:11:00.3290540 AM	git.exe	22684	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.3291718 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows	SUCCESS	Desired Access: Read
10:11:00.3294391 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.3295408 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows	SUCCESS	
10:11:00.3296346 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3297135 AM	git.exe	22684	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\git.exe	NAME NOT FOUND	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3300763 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\30336ed4-e327-447c-9de0-51b652c86108	NAME NOT FOUND	Length: 524
10:11:00.3302629 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\b87cf16b-0bf8-4492-a510-d5f59626b033	NAME NOT FOUND	Length: 524
10:11:00.3306190 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\30336ed4-e327-447c-9de0-51b652c86108	NAME NOT FOUND	Length: 524
10:11:00.3307069 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\b87cf16b-0bf8-4492-a510-d5f59626b033	NAME NOT FOUND	Length: 524
10:11:00.3308475 AM	git.exe	22684	QueryNameInformationFile	C:\Program Files\Git\cmd\git.exe	SUCCESS	Name: \Program Files\Git\cmd\git.exe
10:11:00.3312089 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3312857 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.3313075 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3317516 AM	git.exe	22684	CreateFile	C:\Users\<username>	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3318096 AM	git.exe	22684	QueryBasicInformationFile	C:\Users\<username>	SUCCESS	CreationTime: 12/5/2016 8:42:27 AM, LastAccessTime: 12/8/2017 10:10:55 AM, LastWriteTime: 12/8/2017 10:09:47 AM, ChangeTime: 12/8/2017 10:09:47 AM, FileAttributes: D
10:11:00.3318421 AM	git.exe	22684	CloseFile	C:\Users\<username>	SUCCESS	
10:11:00.3322116 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3322612 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 12/4/2017 10:29:16 AM, ChangeTime: 12/4/2017 10:29:16 AM, FileAttributes: D
10:11:00.3322924 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin	SUCCESS	
10:11:00.3327217 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3328217 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3328502 AM	git.exe	22684	ReadFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Offset: 0, Length: 64
10:11:00.3328980 AM	git.exe	22684	ReadFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Offset: 128, Length: 26
10:11:00.3329207 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3329493 AM	git.exe	22684	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	IndexNumber: 0x350000000a88f4
10:11:00.3329689 AM	git.exe	22684	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3329885 AM	git.exe	22684	CreateFileMapping	C:\Program Files\Git\mingw64\bin\git.exe	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3330184 AM	git.exe	22684	CreateFileMapping	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	SyncType: SyncTypeOther
10:11:00.3330622 AM	git.exe	22684	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\git.exe	NAME NOT FOUND	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3332559 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.3332889 AM	git.exe	22684	QueryNameInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Name: \Program Files\Git\mingw64\bin\git.exe
10:11:00.3338074 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: , Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.3339167 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3339948 AM	git.exe	22684	QueryNameInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Name: \Program Files\Git\mingw64\bin\git.exe
10:11:00.3340328 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3341176 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.3341823 AM	git.exe	22684	FileSystemControl	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Control: FSCTL_READ_FILE_USN_DATA
10:11:00.3342095 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3342501 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	REPARSE	Desired Access: Read
10:11:00.3342965 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	NAME NOT FOUND	Desired Access: Read
10:11:00.3343353 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	REPARSE	Desired Access: Read
10:11:00.3343728 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	NAME NOT FOUND	Desired Access: Read
10:11:00.3346290 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.3347285 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3347610 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3348436 AM	git.exe	22684	QueryNameInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Name: \Program Files\Git\mingw64\bin\git.exe
10:11:00.3350533 AM	git.exe	22684	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Read Data/List Directory, Read Attributes, Disposition: Open, Options: Sequential Access, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3351622 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3351997 AM	git.exe	22684	QueryAllInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A, AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x350000000a88f4, EaSize: 0, Access: None 0x0, Position: 0, Mode: , AlignmentRequirement: Byte
10:11:00.3352367 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3353229 AM	git.exe	22684	Process Create	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	PID: 24388, Command line: git.exe  stash
10:11:00.3353296 AM	git.exe	24388	Process Start		SUCCESS	Parent PID: 22684, Command line: git.exe  stash, Current directory: C:\Users\<username>\Source\Repos\WebSite\, Environment: 
	=C:=C:\Users\<username>\Source\Repos\WebSite
	=ExitCode=C000013A
	ALLUSERSPROFILE=C:\ProgramData
	APPDATA=C:\Users\<username>\AppData\Roaming
	CommonProgramFiles=C:\Program Files\Common Files
	CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
	CommonProgramW6432=C:\Program Files\Common Files
	COMPLUS_InstallRoot=
	COMPLUS_Version=
	COMPUTERNAME=<MACHINENAME>
	ComSpec=C:\WINDOWS\system32\cmd.exe
	FPS_BROWSER_APP_PROFILE_STRING=Internet Explorer
	FPS_BROWSER_USER_PROFILE_STRING=Default
	HOME=C:\Users\<username>
	HOMEDRIVE=C:
	HOMEPATH=\Users\<username>
	IIS_BIN=C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE
	IIS_DRIVE=C:
	IIS_SITES_HOME=C:\Users\<username>\Documents\My Web Sites
	IIS_USER_HOME=C:\Users\<username>\Documents\IISExpress
	LOCALAPPDATA=C:\Users\<username>\AppData\Local
	LOGONSERVER=\\<DOMAINCONTROLLER>
	MSBuildLoadMicrosoftTargetsReadOnly=true
	MSYSTEM=MINGW64
	NUMBER_OF_PROCESSORS=8
	OS=Windows_NT
	Path=C:\Program Files\Git\mingw64\bin;C:\Program Files\Git\usr\bin;C:\Users\<username>\bin;.\node_modules\.bin;C:\Program Files (x86)\iis express\PHP\v5.6;C:\WINDOWS\system32\inetsrv;C:\Program Files (x86)\iis express\PHP\v5.5;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Users\<username>\.dnx\bin;C:\Program Files\Microsoft DNX\Dnvm\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\Binn\ManagementStudio\;C:\CompanyNameDev\Tools\tf.exe;C:\Program Files\nodejs;C:\Program Files (x86)\Bitvise SSH Client;C:\batch;C:\Program Files\nodejs\;C:\Program Files\dotnet\;C:\Program Files (x86)\Microsoft Team Foundation Server 2015 Power Tools\;C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\CommonExtensions\Microsoft\TeamFoundation\Team Explorer;C:\Program Files (x86)\GitExtensions\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Microsoft VS Code\bin;C:\Users\<username>\AppData\Local\Microsoft\WindowsApps;C:\Users\<username>\AppData\Local\Programs\Fiddler;C:\Users\<username>\AppData\Local\Yarn\bin;C:\Users\<username>\AppData\Roaming\npm;C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\Extensions\Microsoft\Web Tools\External
	PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
	PkgDefApplicationConfigFile=C:\Users\<username>\AppData\Local\Microsoft\VisualStudio\15.0_fd8d9c66\devenv.exe.config
	PLINK_PROTOCOL=ssh
	PROCESSOR_ARCHITECTURE=AMD64
	PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
	PROCESSOR_LEVEL=6
	PROCESSOR_REVISION=3c03
	ProgramData=C:\ProgramData
	ProgramFiles=C:\Program Files
	ProgramFiles(x86)=C:\Program Files (x86)
	ProgramW6432=C:\Program Files
	PROMPT=$P$G
	PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files (x86)\Microsoft SQL Server\130\Tools\PowerShell\Modules\
	PUBLIC=C:\Users\Public
	QT_DEVICE_PIXEL_RATIO=auto
	SystemDrive=C:
	SystemRoot=C:\WINDOWS
	TEMP=C:\Users\<user>~1.<user>\AppData\Local\Temp
	TFSPowerToolDir=C:\Program Files (x86)\Microsoft Team Foundation Server 2015 Power Tools\
	TMP=C:\Users\<user>~1.<user>\AppData\Local\Temp
	USERDNSDOMAIN=CompanyName.NET
	USERDOMAIN=CompanyName
	USERDOMAIN_ROAMINGPROFILE=CompanyName
	USERNAME=<username>
	USERPROFILE=C:\Users\<username>
	VisualStudioDir=C:\Users\<username>\Documents\Visual Studio 2017
	VisualStudioEdition=Microsoft Visual Studio Professional 2017
	VisualStudioVersion=15.0
	VS140COMNTOOLS=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Tools\
	VSAPPIDDIR=C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\IDE\
	VSAPPIDNAME=devenv.exe
	VSLANG=1033
	VSSKUEDITION=Professional
	windir=C:\WINDOWS
	__COMPAT_LAYER=Installer
10:11:00.3353662 AM	git.exe	24388	Thread Create		SUCCESS	Thread ID: 16400
10:11:00.3354246 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls	REPARSE	Desired Access: Query Value
10:11:00.3354924 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls	NAME NOT FOUND	Desired Access: Query Value
10:11:00.3355540 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	REPARSE	Desired Access: Query Value, Set Value
10:11:00.3356049 AM	git.exe	22684	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	NAME NOT FOUND	Desired Access: Query Value, Set Value
10:11:00.3356549 AM	git.exe	22684	RegOpenKey	HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	SUCCESS	Desired Access: Query Value
10:11:00.3357298 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled	NAME NOT FOUND	Length: 80
10:11:00.3357504 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\AuthenticodeEnabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.3357749 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers	SUCCESS	
10:11:00.3358017 AM	git.exe	22684	RegOpenKey	HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	NAME NOT FOUND	Desired Access: Query Value
10:11:00.3358892 AM	git.exe	22684	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.3359440 AM	git.exe	22684	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.3359699 AM	git.exe	22684	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.3359949 AM	git.exe	22684	RegOpenKey	HKCU\Software\Microsoft\Windows NT\CurrentVersion	SUCCESS	Desired Access: Enumerate Sub Keys
10:11:00.3360636 AM	git.exe	22684	RegOpenKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	Desired Access: Query Value
10:11:00.3361141 AM	git.exe	22684	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\Git\mingw64\bin\git.exe	NAME NOT FOUND	Length: 16
10:11:00.3361399 AM	git.exe	22684	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	
10:11:00.3361694 AM	git.exe	22684	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.3363649 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3365518 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3365719 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:26:31 PM, LastAccessTime: 10/17/2017 2:26:31 PM, LastWriteTime: 9/17/2017 5:09:15 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.3365947 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	
10:11:00.3367825 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3369691 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3369878 AM	git.exe	22684	QueryBasicInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:25:46 PM, LastAccessTime: 10/17/2017 2:25:46 PM, LastWriteTime: 9/17/2017 5:15:39 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.3370083 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.3370512 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.3371186 AM	git.exe	22684	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.3371520 AM	git.exe	22684	QueryNameInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Name: \Program Files\Git\mingw64\bin\git.exe
10:11:00.3373636 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3375148 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3375327 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3375550 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3375795 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE
10:11:00.3375996 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3376416 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.3377147 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3377781 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	NAME NOT FOUND	Desired Access: Read
10:11:00.3378343 AM	git.exe	22684	RegOpenKey	HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	Desired Access: Read
10:11:00.3378941 AM	git.exe	22684	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\Git\mingw64\bin\git.exe	NAME NOT FOUND	Length: 1,024
10:11:00.3379249 AM	git.exe	22684	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	
10:11:00.3379481 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\git.exe	NAME NOT FOUND	Desired Access: Read
10:11:00.3380003 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3380329 AM	git.exe	22684	CreateFileMapping	C:\Program Files\Git\mingw64\bin\git.exe	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3380508 AM	git.exe	22684	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	AllocationSize: 2,289,664, EndOfFile: 2,288,280, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3380896 AM	git.exe	22684	CreateFileMapping	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	SyncType: SyncTypeOther
10:11:00.3385162 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.3386429 AM	git.exe	22684	RegOpenKey	HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	Desired Access: Read
10:11:00.3386965 AM	git.exe	22684	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest	NAME NOT FOUND	Length: 20
10:11:00.3387179 AM	git.exe	22684	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	
10:11:00.3399915 AM	git.exe	22684	RegQueryValue	HKLM\System\CurrentControlSet\Control\{7746D80F-97E0-4E26-9543-26B41FC22F79}\{59AEE675-B203-4D61-9A1F-04518A20F359}\4B00650072006E0065006C002D004F006E00650043006F00720065002D00440065007600690063006500460061006D0069006C007900490044000000	NAME NOT FOUND	Length: 0
10:11:00.3401843 AM	git.exe	22684	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3403543 AM	git.exe	22684	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3403829 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3404177 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3404435 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3404578 AM	git.exe	22684	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3404895 AM	git.exe	22684	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.3405377 AM	git.exe	22684	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.3407100 AM	git.exe	22684	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3407501 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Image Base: 0x840000, Image Size: 0x27d000
10:11:00.3408108 AM	git.exe	24388	Load Image	C:\Windows\System32\ntdll.dll	SUCCESS	Image Base: 0x7ffb28290000, Image Size: 0x1d2000
10:11:00.3409710 AM	git.exe	24388	CreateFile	C:\Windows\Prefetch\GIT.EXE-49C87D8C.pf	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: None, AllocationSize: n/a, OpenResult: Opened
10:11:00.3411058 AM	git.exe	24388	QuerySecurityFile	C:\Windows\Prefetch\GIT.EXE-49C87D8C.pf	SUCCESS	Information: Attribute
10:11:00.3411227 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\Prefetch\GIT.EXE-49C87D8C.pf	SUCCESS	AllocationSize: 8,192, EndOfFile: 6,463, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3411790 AM	git.exe	24388	ReadFile	C:\Windows\Prefetch\GIT.EXE-49C87D8C.pf	SUCCESS	Offset: 0, Length: 6,463, Priority: Normal
10:11:00.3413093 AM	git.exe	24388	CloseFile	C:\Windows\Prefetch\GIT.EXE-49C87D8C.pf	SUCCESS	
10:11:00.3512494 AM	git.exe	24388	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Segment Heap	REPARSE	Desired Access: Query Value
10:11:00.3513092 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\Segment Heap	NAME NOT FOUND	Desired Access: Query Value
10:11:00.3518916 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Desired Access: Execute/Traverse, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.3519469 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Information: Attribute
10:11:00.3520852 AM	git.exe	24388	Load Image	C:\Windows\System32\kernel32.dll	SUCCESS	Image Base: 0x7ffb281e0000, Image Size: 0xac000
10:11:00.3522419 AM	git.exe	24388	Load Image	C:\Windows\System32\KernelBase.dll	SUCCESS	Image Base: 0x7ffb24a30000, Image Size: 0x21d000
10:11:00.3530174 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\05f95efe-7f75-49c7-a994-60a55cc09571	NAME NOT FOUND	Length: 524
10:11:00.3531281 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Terminal Server	REPARSE	Desired Access: Read
10:11:00.3531692 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Terminal Server	SUCCESS	Desired Access: Read
10:11:00.3532227 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Terminal Server\TSAppCompat	NAME NOT FOUND	Length: 548
10:11:00.3532557 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Terminal Server\TSUserEnabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.3532816 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Terminal Server	SUCCESS	
10:11:00.3534258 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	REPARSE	Desired Access: Query Value, Set Value
10:11:00.3534628 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	NAME NOT FOUND	Desired Access: Query Value, Set Value
10:11:00.3534972 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Srp\GP\DLL	REPARSE	Desired Access: Read
10:11:00.3535404 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Srp\GP\DLL	NAME NOT FOUND	Desired Access: Read
10:11:00.3535757 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	SUCCESS	Desired Access: Query Value
10:11:00.3536435 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled	NAME NOT FOUND	Length: 80
10:11:00.3536725 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers	SUCCESS	
10:11:00.3537288 AM	git.exe	24388	RegOpenKey	HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	NAME NOT FOUND	Desired Access: Query Value
10:11:00.3542384 AM	git.exe	24388	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3543307 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.3544079 AM	git.exe	24388	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.3547083 AM	git.exe	24388	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3549033 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\apphelp.dll	SUCCESS	Information: Attribute
10:11:00.3549417 AM	git.exe	24388	ReadFile	C:\Windows\System32\apphelp.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3550019 AM	git.exe	24388	ReadFile	C:\Windows\System32\apphelp.dll	SUCCESS	Offset: 248, Length: 26
10:11:00.3550322 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	AllocationSize: 483,328, EndOfFile: 481,280, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3550608 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	IndexNumber: 0x500000007bbfa
10:11:00.3550987 AM	git.exe	24388	QueryInformationVolume	C:\Windows\System32\apphelp.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3551402 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\apphelp.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3551795 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\apphelp.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3552692 AM	git.exe	24388	Load Image	C:\Windows\System32\apphelp.dll	SUCCESS	Image Base: 0x7ffb22b30000, Image Size: 0x7a000
10:11:00.3556244 AM	git.exe	24388	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3556936 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	CreationTime: 7/13/2016 10:30:20 PM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/13/2016 10:30:20 PM, ChangeTime: 12/6/2017 4:03:04 PM, FileAttributes: A
10:11:00.3557257 AM	git.exe	24388	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.3559158 AM	git.exe	24388	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3560167 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.3560430 AM	git.exe	24388	ReadFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3561037 AM	git.exe	24388	ReadFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Offset: 240, Length: 26
10:11:00.3561430 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	AllocationSize: 86,016, EndOfFile: 85,816, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3561742 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	IndexNumber: 0x140000000ed999
10:11:00.3561952 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3562175 AM	git.exe	24388	CreateFileMapping	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3562554 AM	git.exe	24388	CreateFileMapping	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3563143 AM	git.exe	24388	Load Image	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Image Base: 0x7ffb21990000, Image Size: 0x17000
10:11:00.3564250 AM	git.exe	24388	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.3564723 AM	git.exe	24388	RegOpenKey	HKCU\Control Panel\Desktop\MuiCached\MachineLanguageConfiguration	NAME NOT FOUND	Desired Access: Read
10:11:00.3565049 AM	git.exe	24388	RegCloseKey	HKCU	SUCCESS	
10:11:00.3565258 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.3565669 AM	git.exe	24388	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.3566030 AM	git.exe	24388	RegOpenKey	HKCU\Software\Policies\Microsoft\Control Panel\Desktop	NAME NOT FOUND	Desired Access: Read
10:11:00.3566307 AM	git.exe	24388	RegOpenKey	HKCU\Control Panel\Desktop\LanguageConfiguration	SUCCESS	Desired Access: Read
10:11:00.3566776 AM	git.exe	24388	RegEnumValue	HKCU\Control Panel\Desktop\LanguageConfiguration	NO MORE ENTRIES	Index: 0, Length: 512
10:11:00.3567057 AM	git.exe	24388	RegCloseKey	HKCU\Control Panel\Desktop\LanguageConfiguration	SUCCESS	
10:11:00.3567195 AM	git.exe	24388	RegCloseKey	HKCU	SUCCESS	
10:11:00.3567458 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.3567811 AM	git.exe	24388	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.3568154 AM	git.exe	24388	RegOpenKey	HKCU\Software\Policies\Microsoft\Control Panel\Desktop	NAME NOT FOUND	Desired Access: Read
10:11:00.3568422 AM	git.exe	24388	RegOpenKey	HKCU\Control Panel\Desktop	SUCCESS	Desired Access: Read
10:11:00.3568793 AM	git.exe	24388	RegQueryValue	HKCU\Control Panel\Desktop\PreferredUILanguages	BUFFER OVERFLOW	Length: 12
10:11:00.3569078 AM	git.exe	24388	RegQueryValue	HKCU\Control Panel\Desktop\PreferredUILanguages	SUCCESS	Type: REG_MULTI_SZ, Length: 12, Data: en-US
10:11:00.3569444 AM	git.exe	24388	RegCloseKey	HKCU\Control Panel\Desktop	SUCCESS	
10:11:00.3569578 AM	git.exe	24388	RegCloseKey	HKCU	SUCCESS	
10:11:00.3569761 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\MUI\Settings	NAME NOT FOUND	Desired Access: Read
10:11:00.3570113 AM	git.exe	24388	RegOpenKey	HKCU	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.3570520 AM	git.exe	24388	RegOpenKey	HKCU\Control Panel\Desktop\MuiCached	SUCCESS	Desired Access: Read
10:11:00.3570912 AM	git.exe	24388	RegQueryValue	HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages	BUFFER OVERFLOW	Length: 12
10:11:00.3571323 AM	git.exe	24388	RegQueryValue	HKCU\Control Panel\Desktop\MuiCached\MachinePreferredUILanguages	SUCCESS	Type: REG_MULTI_SZ, Length: 12, Data: en-US
10:11:00.3571791 AM	git.exe	24388	RegCloseKey	HKCU\Control Panel\Desktop\MuiCached	SUCCESS	
10:11:00.3571988 AM	git.exe	24388	RegCloseKey	HKCU	SUCCESS	
10:11:00.3572626 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	Desired Access: Read
10:11:00.3573099 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest	NAME NOT FOUND	Length: 20
10:11:00.3573282 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	
10:11:00.3575044 AM	git.exe	24388	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3575754 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.3575986 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	CreationTime: 7/13/2016 10:30:20 PM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/13/2016 10:30:20 PM, ChangeTime: 12/6/2017 4:03:04 PM, FileAttributes: A
10:11:00.3577419 AM	git.exe	24388	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.3578360 AM	git.exe	24388	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.3580850 AM	git.exe	24388	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Lsa	REPARSE	Desired Access: Query Value
10:11:00.3581408 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	Desired Access: Query Value
10:11:00.3581921 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\LsaPid	SUCCESS	Type: REG_DWORD, Length: 4, Data: 900
10:11:00.3582193 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	
10:11:00.3683322 AM	git.exe	24388	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.3684210 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\8ccca27d-f1d8-4dda-b5dd-339aee937731	NAME NOT FOUND	Length: 524
10:11:00.3685120 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	Desired Access: Query Value
10:11:00.3685629 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\LogFlags	NAME NOT FOUND	Length: 20
10:11:00.3685830 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	
10:11:00.3686169 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\18608e62-a628-49d9-8c02-55972e097d24	NAME NOT FOUND	Length: 524
10:11:00.3687106 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	Desired Access: Query Value
10:11:00.3687521 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\ShowDebugInfo	NAME NOT FOUND	Length: 20
10:11:00.3687699 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags	SUCCESS	
10:11:00.3689529 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3690511 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3690783 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	BUFFER OVERFLOW	Information: Owner
10:11:00.3691011 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner
10:11:00.3691269 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3693054 AM	git.exe	24388	CreateFile	C:\Windows\System32\ntdll.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3693764 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ntdll.dll	SUCCESS	Information: Attribute
10:11:00.3693956 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ntdll.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3694112 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ntdll.dll	SUCCESS	Information: Owner
10:11:00.3694255 AM	git.exe	24388	CloseFile	C:\Windows\System32\ntdll.dll	SUCCESS	
10:11:00.3695982 AM	git.exe	24388	CreateFile	C:\Windows\System32\kernel32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3696740 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\kernel32.dll	SUCCESS	Information: Attribute
10:11:00.3696892 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\kernel32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3697022 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\kernel32.dll	SUCCESS	Information: Owner
10:11:00.3697155 AM	git.exe	24388	CloseFile	C:\Windows\System32\kernel32.dll	SUCCESS	
10:11:00.3698744 AM	git.exe	24388	CreateFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3699306 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Information: Attribute
10:11:00.3699454 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3699583 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\KernelBase.dll	SUCCESS	Information: Owner
10:11:00.3699717 AM	git.exe	24388	CloseFile	C:\Windows\System32\KernelBase.dll	SUCCESS	
10:11:00.3701484 AM	git.exe	24388	CreateFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3702122 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Attribute
10:11:00.3702274 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3702403 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	Information: Owner
10:11:00.3702537 AM	git.exe	24388	CloseFile	C:\Program Files\DELL\Dell Data Protection\Advanced Threat Protection\CyMemDef64.dll	SUCCESS	
10:11:00.3704402 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3705929 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3706094 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3706312 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3706518 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3706647 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3706937 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.3709976 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3710695 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3710971 AM	git.exe	24388	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.3711699 AM	git.exe	24388	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.3712114 AM	git.exe	24388	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.3712471 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.3713988 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3715590 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3715809 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:26:31 PM, LastAccessTime: 10/17/2017 2:26:31 PM, LastWriteTime: 9/17/2017 5:09:15 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.3716058 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	
10:11:00.3718107 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3719642 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.3719816 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:25:46 PM, LastAccessTime: 10/17/2017 2:25:46 PM, LastWriteTime: 9/17/2017 5:15:39 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.3720008 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.3720458 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.3721128 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3723060 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.3723698 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Attribute
10:11:00.3723979 AM	git.exe	24388	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.3724751 AM	git.exe	24388	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.3725019 AM	git.exe	24388	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.3725278 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.3725479 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	CreationTime: 12/4/2017 10:28:45 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:45 AM, FileAttributes: A
10:11:00.3725880 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	
10:11:00.3728241 AM	git.exe	24388	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager	REPARSE	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3728674 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3729058 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies	NAME NOT FOUND	Length: 24
10:11:00.3729281 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	
10:11:00.3729861 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.3734225 AM	git.exe	24388	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3734953 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.3735194 AM	git.exe	24388	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.3739085 AM	git.exe	24388	CreateFile	C:\Windows\System32\apphelp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3739817 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\apphelp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:16 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 7/16/2016 3:42:16 AM, ChangeTime: 12/5/2016 8:24:49 AM, FileAttributes: A
10:11:00.3740067 AM	git.exe	24388	CloseFile	C:\Windows\System32\apphelp.dll	SUCCESS	
10:11:00.3743494 AM	git.exe	24388	Load Image	C:\Windows\System32\advapi32.dll	SUCCESS	Image Base: 0x7ffb26270000, Image Size: 0xa2000
10:11:00.3744391 AM	git.exe	24388	Load Image	C:\Windows\System32\msvcrt.dll	SUCCESS	Image Base: 0x7ffb258b0000, Image Size: 0x9e000
10:11:00.3745310 AM	git.exe	24388	Load Image	C:\Windows\System32\sechost.dll	SUCCESS	Image Base: 0x7ffb25820000, Image Size: 0x59000
10:11:00.3746131 AM	git.exe	24388	Load Image	C:\Windows\System32\rpcrt4.dll	SUCCESS	Image Base: 0x7ffb280b0000, Image Size: 0x121000
10:11:00.3747711 AM	git.exe	24388	Load Image	C:\Windows\System32\user32.dll	SUCCESS	Image Base: 0x7ffb26100000, Image Size: 0x165000
10:11:00.3748902 AM	git.exe	24388	Load Image	C:\Windows\System32\win32u.dll	SUCCESS	Image Base: 0x7ffb24db0000, Image Size: 0x1e000
10:11:00.3749763 AM	git.exe	24388	Load Image	C:\Windows\System32\gdi32.dll	SUCCESS	Image Base: 0x7ffb25950000, Image Size: 0x34000
10:11:00.3750647 AM	git.exe	24388	Load Image	C:\Windows\System32\gdi32full.dll	SUCCESS	Image Base: 0x7ffb25500000, Image Size: 0x180000
10:11:00.3751807 AM	git.exe	24388	Load Image	C:\Windows\System32\ws2_32.dll	SUCCESS	Image Base: 0x7ffb26480000, Image Size: 0x6a000
10:11:00.3752588 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	REPARSE	Desired Access: Query Value
10:11:00.3753017 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	Desired Access: Query Value
10:11:00.3753441 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Session Manager\SafeDllSearchMode	NAME NOT FOUND	Length: 16
10:11:00.3757974 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3760192 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	CreationTime: 12/4/2017 10:28:46 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 8/31/2017 12:24:20 PM, ChangeTime: 12/4/2017 10:28:46 AM, FileAttributes: A
10:11:00.3760567 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	
10:11:00.3763267 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3764204 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Information: Attribute
10:11:00.3764561 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3765217 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Offset: 128, Length: 26
10:11:00.3765601 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	AllocationSize: 1,056,768, EndOfFile: 1,056,753, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3766087 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	IndexNumber: 0x270000000a8980
10:11:00.3766614 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3766989 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3767613 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3768537 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Image Base: 0x66000000, Image Size: 0x10b000
10:11:00.3769229 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	
10:11:00.3774013 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3775632 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	CreationTime: 12/4/2017 10:28:46 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 8/31/2017 12:24:20 PM, ChangeTime: 12/4/2017 10:28:46 AM, FileAttributes: A
10:11:00.3776012 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	
10:11:00.3778761 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3779649 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Information: Attribute
10:11:00.3780166 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3780880 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Offset: 128, Length: 26
10:11:00.3781260 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	AllocationSize: 135,168, EndOfFile: 133,779, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3781683 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	IndexNumber: 0x280000000a89a0
10:11:00.3782045 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3782357 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libintl-8.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3782853 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3783674 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Image Base: 0x61cc0000, Image Size: 0x28000
10:11:00.3784410 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	
10:11:00.3789604 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3791911 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	CreationTime: 12/4/2017 10:28:46 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 8/31/2017 12:24:22 PM, ChangeTime: 12/4/2017 10:28:46 AM, FileAttributes: A
10:11:00.3793308 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	
10:11:00.3799225 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3800185 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Information: Attribute
10:11:00.3800524 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3801180 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Offset: 128, Length: 26
10:11:00.3801631 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	AllocationSize: 286,720, EndOfFile: 285,375, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3802126 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	IndexNumber: 0x270000000a89ba
10:11:00.3802612 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3802974 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3805803 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3815616 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Image Base: 0x69140000, Image Size: 0x4d000
10:11:00.3816442 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	
10:11:00.3822805 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3823930 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	CreationTime: 12/4/2017 10:28:46 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 8/31/2017 12:24:24 PM, ChangeTime: 12/4/2017 10:28:46 AM, FileAttributes: A
10:11:00.3824309 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	
10:11:00.3827169 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3828151 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Information: Attribute
10:11:00.3828513 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3829160 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Offset: 128, Length: 26
10:11:00.3829535 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	AllocationSize: 94,208, EndOfFile: 93,830, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3830137 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	IndexNumber: 0x300000000a8a1a
10:11:00.3830614 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3830967 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\zlib1.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3832658 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3834059 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Image Base: 0x62e80000, Image Size: 0x1f000
10:11:00.3834934 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	
10:11:00.3850075 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3851039 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	CreationTime: 12/4/2017 10:28:46 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 8/31/2017 12:24:22 PM, ChangeTime: 12/4/2017 10:28:46 AM, FileAttributes: A
10:11:00.3851543 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	
10:11:00.3854332 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3855377 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Information: Attribute
10:11:00.3855747 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.3856747 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Offset: 128, Length: 26
10:11:00.3857412 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	AllocationSize: 24,576, EndOfFile: 21,164, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.3858192 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	IndexNumber: 0x250000000a89bf
10:11:00.3858621 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.3858947 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libssp-0.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3859473 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3860473 AM	git.exe	24388	Load Image	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Image Base: 0x68ac0000, Image Size: 0xe000
10:11:00.3861115 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	
10:11:00.3868630 AM	git.exe	24388	CreateFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3870031 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Information: Attribute
10:11:00.3870388 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3870652 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\msvcrt.dll	SUCCESS	Information: Owner
10:11:00.3870919 AM	git.exe	24388	CloseFile	C:\Windows\System32\msvcrt.dll	SUCCESS	
10:11:00.3874659 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3875873 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Information: Attribute
10:11:00.3876239 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3876560 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	Information: Owner
10:11:00.3876930 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libiconv-2.dll	SUCCESS	
10:11:00.3880924 AM	git.exe	24388	CreateFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3882160 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Information: Attribute
10:11:00.3882874 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3883490 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	Information: Owner
10:11:00.3883776 AM	git.exe	24388	CloseFile	C:\Windows\System32\rpcrt4.dll	SUCCESS	
10:11:00.3888479 AM	git.exe	24388	CreateFile	C:\Windows\System32\sechost.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3889814 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\sechost.dll	SUCCESS	Information: Attribute
10:11:00.3890278 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\sechost.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3890563 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\sechost.dll	SUCCESS	Information: Owner
10:11:00.3890849 AM	git.exe	24388	CloseFile	C:\Windows\System32\sechost.dll	SUCCESS	
10:11:00.3895708 AM	git.exe	24388	CreateFile	C:\Windows\System32\advapi32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3897087 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\advapi32.dll	SUCCESS	Information: Attribute
10:11:00.3897386 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\advapi32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3897663 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\advapi32.dll	SUCCESS	Information: Owner
10:11:00.3897949 AM	git.exe	24388	CloseFile	C:\Windows\System32\advapi32.dll	SUCCESS	
10:11:00.3902500 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3903571 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Information: Attribute
10:11:00.3903888 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3904169 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	Information: Owner
10:11:00.3904575 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libintl-8.dll	SUCCESS	
10:11:00.3908636 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3909676 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Information: Attribute
10:11:00.3909997 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3910278 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	Information: Owner
10:11:00.3910555 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libpcre-1.dll	SUCCESS	
10:11:00.3913389 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3914451 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Information: Attribute
10:11:00.3914937 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3915236 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	Information: Owner
10:11:00.3915531 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\zlib1.dll	SUCCESS	
10:11:00.3919502 AM	git.exe	24388	CreateFile	C:\Windows\System32\win32u.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3920712 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\win32u.dll	SUCCESS	Information: Attribute
10:11:00.3921011 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\win32u.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3921600 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\win32u.dll	SUCCESS	Information: Owner
10:11:00.3922015 AM	git.exe	24388	CloseFile	C:\Windows\System32\win32u.dll	SUCCESS	
10:11:00.3925326 AM	git.exe	24388	CreateFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3926321 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Information: Attribute
10:11:00.3926651 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3927062 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32full.dll	SUCCESS	Information: Owner
10:11:00.3927356 AM	git.exe	24388	CloseFile	C:\Windows\System32\gdi32full.dll	SUCCESS	
10:11:00.3931270 AM	git.exe	24388	CreateFile	C:\Windows\System32\gdi32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3932943 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32.dll	SUCCESS	Information: Attribute
10:11:00.3933260 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3933501 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\gdi32.dll	SUCCESS	Information: Owner
10:11:00.3934907 AM	git.exe	24388	CloseFile	C:\Windows\System32\gdi32.dll	SUCCESS	
10:11:00.3939017 AM	git.exe	24388	CreateFile	C:\Windows\System32\user32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3940164 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\user32.dll	SUCCESS	Information: Attribute
10:11:00.3940516 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\user32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3940980 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\user32.dll	SUCCESS	Information: Owner
10:11:00.3941395 AM	git.exe	24388	CloseFile	C:\Windows\System32\user32.dll	SUCCESS	
10:11:00.3946701 AM	git.exe	24388	CreateFile	C:\Windows\System32\ws2_32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3948129 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ws2_32.dll	SUCCESS	Information: Attribute
10:11:00.3948419 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ws2_32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3948709 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\ws2_32.dll	SUCCESS	Information: Owner
10:11:00.3949155 AM	git.exe	24388	CloseFile	C:\Windows\System32\ws2_32.dll	SUCCESS	
10:11:00.3954430 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3955862 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Information: Attribute
10:11:00.3956286 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.3957460 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	Information: Owner
10:11:00.3958915 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\bin\libssp-0.dll	SUCCESS	
10:11:00.3962360 AM	git.exe	24388	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Control\Session Manager	REPARSE	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3963118 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.3963841 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Session Manager\ResourcePolicies	NAME NOT FOUND	Length: 24
10:11:00.3964194 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Session Manager	SUCCESS	
10:11:00.3965024 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions	REPARSE	Desired Access: Read
10:11:00.3966086 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions	SUCCESS	Desired Access: Read
10:11:00.3966818 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\(Default)	SUCCESS	Type: REG_SZ, Length: 18, Data: 0006020E
10:11:00.3977671 AM	git.exe	24388	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3978920 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.3979348 AM	git.exe	24388	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3985234 AM	git.exe	24388	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.3988099 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Attribute
10:11:00.3988407 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\imm32.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.3988671 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	AllocationSize: 176,128, EndOfFile: 175,672, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.3989398 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\imm32.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.3990348 AM	git.exe	24388	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.3992638 AM	git.exe	24388	Load Image	C:\Windows\System32\imm32.dll	SUCCESS	Image Base: 0x7ffb25880000, Image Size: 0x2e000
10:11:00.4001545 AM	git.exe	24388	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4003647 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Attribute
10:11:00.4004486 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\imm32.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4005374 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\imm32.dll	SUCCESS	Information: Owner
10:11:00.4009046 AM	git.exe	24388	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.4015164 AM	git.exe	24388	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4016311 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.4016976 AM	git.exe	24388	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.4025522 AM	git.exe	24388	CreateFile	C:\Windows\System32\imm32.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4026771 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\imm32.dll	SUCCESS	CreationTime: 7/16/2016 3:42:23 AM, LastAccessTime: 12/7/2017 11:00:23 AM, LastWriteTime: 7/16/2016 3:42:23 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.4027199 AM	git.exe	24388	CloseFile	C:\Windows\System32\imm32.dll	SUCCESS	
10:11:00.4028025 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Error Message Instrument\	REPARSE	Desired Access: Read
10:11:00.4029449 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Error Message Instrument	NAME NOT FOUND	Desired Access: Read
10:11:00.4030399 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\f25bcd2e-2690-55dc-3bc4-07b65b1b41c9	NAME NOT FOUND	Length: 524
10:11:00.4031729 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	Desired Access: Read
10:11:00.4035241 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize\DisableMetaFiles	NAME NOT FOUND	Length: 20
10:11:00.4036236 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize	SUCCESS	
10:11:00.4038356 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Compatibility32	SUCCESS	Desired Access: Read
10:11:00.4041274 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32\git	NAME NOT FOUND	Length: 172
10:11:00.4041752 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility32	SUCCESS	
10:11:00.4042198 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\IME Compatibility	NAME NOT FOUND	Desired Access: Read
10:11:00.4050556 AM	git.exe	24388	RegOpenKey	HKLM	SUCCESS	Desired Access: Maximum Allowed, Granted Access: All Access
10:11:00.4051181 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4051623 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows	SUCCESS	Desired Access: Read
10:11:00.4052403 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.4052921 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows	SUCCESS	
10:11:00.4053439 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options	SUCCESS	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.4054202 AM	git.exe	24388	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\git.exe	NAME NOT FOUND	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.4055335 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\d0f1a5c6-fc43-48ae-99bf-efb1c38be9d1	NAME NOT FOUND	Length: 524
10:11:00.4062368 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\CRYPTSP.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4069990 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4071199 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\cryptsp.dll	SUCCESS	CreationTime: 7/16/2016 3:42:27 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 7/16/2016 3:42:27 AM, ChangeTime: 12/5/2016 8:24:40 AM, FileAttributes: A
10:11:00.4071695 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptsp.dll	SUCCESS	
10:11:00.4074609 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4077331 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Information: Attribute
10:11:00.4077750 AM	git.exe	24388	ReadFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.4078429 AM	git.exe	24388	ReadFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Offset: 240, Length: 26
10:11:00.4078848 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\cryptsp.dll	SUCCESS	AllocationSize: 81,920, EndOfFile: 81,176, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4079294 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Windows\System32\cryptsp.dll	SUCCESS	IndexNumber: 0x30000000733a1
10:11:00.4079687 AM	git.exe	24388	QueryInformationVolume	C:\Windows\System32\cryptsp.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4080048 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\cryptsp.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4080678 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\cryptsp.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.4081847 AM	git.exe	24388	Load Image	C:\Windows\System32\cryptsp.dll	SUCCESS	Image Base: 0x7ffb241d0000, Image Size: 0x17000
10:11:00.4082882 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptsp.dll	SUCCESS	
10:11:00.4086840 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4088362 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Information: Attribute
10:11:00.4088911 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptsp.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4089263 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptsp.dll	SUCCESS	Information: Owner
10:11:00.4089616 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptsp.dll	SUCCESS	
10:11:00.4091129 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4091544 AM	git.exe	24388	RegOpenKey	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001	SUCCESS	Desired Access: Read
10:11:00.4092401 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001\Name	SUCCESS	Type: REG_SZ, Length: 80, Data: Microsoft Strong Cryptographic Provider
10:11:00.4093083 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001\Name	SUCCESS	Type: REG_SZ, Length: 80, Data: Microsoft Strong Cryptographic Provider
10:11:00.4093842 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001\Name	SUCCESS	Type: REG_SZ, Length: 80, Data: Microsoft Strong Cryptographic Provider
10:11:00.4094248 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001\Name	SUCCESS	Type: REG_SZ, Length: 80, Data: Microsoft Strong Cryptographic Provider
10:11:00.4094717 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider Types\Type 001	SUCCESS	
10:11:00.4095167 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4095582 AM	git.exe	24388	RegOpenKey	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider	SUCCESS	Desired Access: Read
10:11:00.4096667 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Type	SUCCESS	Type: REG_DWORD, Length: 4, Data: 1
10:11:00.4097287 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path	SUCCESS	Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll
10:11:00.4097724 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path	SUCCESS	Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll
10:11:00.4098367 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path	SUCCESS	Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll
10:11:00.4099500 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider\Image Path	SUCCESS	Type: REG_SZ, Length: 66, Data: %SystemRoot%\system32\rsaenh.dll
10:11:00.4106042 AM	git.exe	24388	CreateFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4107341 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\rsaenh.dll	SUCCESS	CreationTime: 7/16/2016 3:42:27 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 7/16/2016 3:42:27 AM, ChangeTime: 12/5/2016 8:24:41 AM, FileAttributes: A
10:11:00.4107738 AM	git.exe	24388	CloseFile	C:\Windows\System32\rsaenh.dll	SUCCESS	
10:11:00.4110889 AM	git.exe	24388	CreateFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4114003 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Information: Attribute
10:11:00.4114401 AM	git.exe	24388	ReadFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.4115065 AM	git.exe	24388	ReadFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Offset: 248, Length: 26
10:11:00.4115489 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\rsaenh.dll	SUCCESS	AllocationSize: 204,800, EndOfFile: 202,992, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4115953 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Windows\System32\rsaenh.dll	SUCCESS	IndexNumber: 0x30000000736a1
10:11:00.4116342 AM	git.exe	24388	QueryInformationVolume	C:\Windows\System32\rsaenh.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4116801 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\rsaenh.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4117346 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\rsaenh.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.4118528 AM	git.exe	24388	Load Image	C:\Windows\System32\rsaenh.dll	SUCCESS	Image Base: 0x7ffb23c40000, Image Size: 0x33000
10:11:00.4120242 AM	git.exe	24388	CloseFile	C:\Windows\System32\rsaenh.dll	SUCCESS	
10:11:00.4143741 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\bcrypt.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4149650 AM	git.exe	24388	CreateFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4150738 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\bcrypt.dll	SUCCESS	CreationTime: 12/13/2016 10:43:32 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 12/9/2016 2:19:21 AM, ChangeTime: 11/27/2017 4:16:00 PM, FileAttributes: A
10:11:00.4151118 AM	git.exe	24388	CloseFile	C:\Windows\System32\bcrypt.dll	SUCCESS	
10:11:00.4153862 AM	git.exe	24388	CreateFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4156723 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Information: Attribute
10:11:00.4157432 AM	git.exe	24388	ReadFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.4158226 AM	git.exe	24388	ReadFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Offset: 232, Length: 26
10:11:00.4158905 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\bcrypt.dll	SUCCESS	AllocationSize: 172,032, EndOfFile: 168,424, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4159449 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Windows\System32\bcrypt.dll	SUCCESS	IndexNumber: 0xb0000000b92cc
10:11:00.4159882 AM	git.exe	24388	QueryInformationVolume	C:\Windows\System32\bcrypt.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4160275 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\bcrypt.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4160828 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\bcrypt.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.4161917 AM	git.exe	24388	Load Image	C:\Windows\System32\bcrypt.dll	SUCCESS	Image Base: 0x7ffb242e0000, Image Size: 0x2b000
10:11:00.4163394 AM	git.exe	24388	CloseFile	C:\Windows\System32\bcrypt.dll	SUCCESS	
10:11:00.4167740 AM	git.exe	24388	CreateFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4168883 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Information: Attribute
10:11:00.4172011 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcrypt.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4172364 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcrypt.dll	SUCCESS	Information: Owner
10:11:00.4172689 AM	git.exe	24388	CloseFile	C:\Windows\System32\bcrypt.dll	SUCCESS	
10:11:00.4176755 AM	git.exe	24388	CreateFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4179111 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Information: Attribute
10:11:00.4179432 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rsaenh.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4179878 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\rsaenh.dll	SUCCESS	Information: Owner
10:11:00.4180231 AM	git.exe	24388	CloseFile	C:\Windows\System32\rsaenh.dll	SUCCESS	
10:11:00.4182293 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\WMI\Security\f3a71a4b-6118-4257-8ccb-39a33ba059d4	NAME NOT FOUND	Length: 524
10:11:00.4185514 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4185921 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\Cryptography	SUCCESS	Desired Access: Read
10:11:00.4187790 AM	git.exe	24388	RegSetInfoKey	HKLM\SOFTWARE\Policies\Microsoft\Cryptography	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
10:11:00.4188098 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCacheMaxItems	NAME NOT FOUND	Length: 144
10:11:00.4188464 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivKeyCachePurgeIntervalSeconds	NAME NOT FOUND	Length: 144
10:11:00.4188732 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Cryptography\PrivateKeyLifetimeSeconds	NAME NOT FOUND	Length: 144
10:11:00.4189035 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Policies\Microsoft\Cryptography	SUCCESS	
10:11:00.4189374 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4189754 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Cryptography	SUCCESS	Desired Access: Read
10:11:00.4190379 AM	git.exe	24388	RegSetInfoKey	HKLM\SOFTWARE\Microsoft\Cryptography	SUCCESS	KeySetInformationClass: KeySetHandleTagsInformation, Length: 0
10:11:00.4190637 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid	SUCCESS	Type: REG_SZ, Length: 74, Data: 0980d199-c869-4bcb-907a-279e40404203
10:11:00.4191026 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid	SUCCESS	Type: REG_SZ, Length: 74, Data: 0980d199-c869-4bcb-907a-279e40404203
10:11:00.4191374 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid	SUCCESS	Type: REG_SZ, Length: 74, Data: 0980d199-c869-4bcb-907a-279e40404203
10:11:00.4192079 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Cryptography\MachineGuid	SUCCESS	Type: REG_SZ, Length: 74, Data: 0980d199-c869-4bcb-907a-279e40404203
10:11:00.4192592 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Cryptography	SUCCESS	
10:11:00.4192770 AM	git.exe	24388	RegQueryKey	HKLM	SUCCESS	Query: HandleTags, HandleTags: 0x0
10:11:00.4192985 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Cryptography\Offload	NAME NOT FOUND	Desired Access: Read
10:11:00.4193658 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Versions\000602xx	SUCCESS	Type: REG_SZ, Length: 26, Data: kernel32.dll
10:11:00.4197010 AM	git.exe	24388	CreateFile	C:\Windows\Globalization\Sorting\SortDefault.nls	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.4198215 AM	git.exe	24388	QuerySecurityFile	C:\Windows\Globalization\Sorting\SortDefault.nls	SUCCESS	Information: Attribute
10:11:00.4198670 AM	git.exe	24388	CreateFileMapping	C:\Windows\Globalization\Sorting\SortDefault.nls	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4199045 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\Globalization\Sorting\SortDefault.nls	SUCCESS	AllocationSize: 3,371,008, EndOfFile: 3,368,788, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4199763 AM	git.exe	24388	CreateFileMapping	C:\Windows\Globalization\Sorting\SortDefault.nls	SUCCESS	SyncType: SyncTypeOther
10:11:00.4200807 AM	git.exe	24388	CloseFile	C:\Windows\Globalization\Sorting\SortDefault.nls	SUCCESS	
10:11:00.4202686 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids	REPARSE	Desired Access: Read
10:11:00.4203342 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Nls\Sorting\Ids	SUCCESS	Desired Access: Read
10:11:00.4209273 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\CRYPTBASE.dll	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4214293 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4215275 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\System32\cryptbase.dll	SUCCESS	CreationTime: 7/16/2016 3:42:27 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 7/16/2016 3:42:27 AM, ChangeTime: 12/5/2016 8:24:39 AM, FileAttributes: A
10:11:00.4215699 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptbase.dll	SUCCESS	
10:11:00.4218684 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4222517 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Information: Attribute
10:11:00.4222937 AM	git.exe	24388	ReadFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Offset: 0, Length: 64
10:11:00.4223878 AM	git.exe	24388	ReadFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Offset: 232, Length: 26
10:11:00.4224351 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\System32\cryptbase.dll	SUCCESS	AllocationSize: 32,768, EndOfFile: 31,080, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4224815 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Windows\System32\cryptbase.dll	SUCCESS	IndexNumber: 0x300000007339b
10:11:00.4225226 AM	git.exe	24388	QueryInformationVolume	C:\Windows\System32\cryptbase.dll	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4225601 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\cryptbase.dll	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4226132 AM	git.exe	24388	CreateFileMapping	C:\Windows\System32\cryptbase.dll	SUCCESS	SyncType: SyncTypeOther
10:11:00.4227386 AM	git.exe	24388	Load Image	C:\Windows\System32\cryptbase.dll	SUCCESS	Image Base: 0x7ffb241f0000, Image Size: 0xb000
10:11:00.4228738 AM	git.exe	24388	Load Image	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Image Base: 0x7ffb24790000, Image Size: 0x6a000
10:11:00.4229577 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptbase.dll	SUCCESS	
10:11:00.4233664 AM	git.exe	24388	CreateFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4234936 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Information: Attribute
10:11:00.4235342 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4235753 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	Information: Owner
10:11:00.4236056 AM	git.exe	24388	CloseFile	C:\Windows\System32\bcryptprimitives.dll	SUCCESS	
10:11:00.4242139 AM	git.exe	24388	CreateFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Desired Access: Read Control, Disposition: Open, Options: , Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4243129 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Information: Attribute
10:11:00.4243446 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptbase.dll	BUFFER OVERFLOW	Information: Owner
10:11:00.4243754 AM	git.exe	24388	QuerySecurityFile	C:\Windows\System32\cryptbase.dll	SUCCESS	Information: Owner
10:11:00.4244098 AM	git.exe	24388	CloseFile	C:\Windows\System32\cryptbase.dll	SUCCESS	
10:11:00.4245932 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	REPARSE	Desired Access: Query Value
10:11:00.4246548 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	SUCCESS	Desired Access: Query Value
10:11:00.4247355 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.4247886 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	REPARSE	Desired Access: Query Value
10:11:00.4248391 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	Desired Access: Query Value
10:11:00.4248971 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	NAME NOT FOUND	Length: 20
10:11:00.4249279 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\MDMEnabled	NAME NOT FOUND	Length: 20
10:11:00.4249609 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy	SUCCESS	
10:11:00.4249859 AM	git.exe	24388	RegCloseKey	HKLM\System\CurrentControlSet\Control\Lsa	SUCCESS	
10:11:00.4250229 AM	git.exe	24388	RegOpenKey	HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration	REPARSE	Desired Access: Query Value
10:11:00.4250858 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration	NAME NOT FOUND	Desired Access: Query Value
10:11:00.4252081 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Cryptography\Defaults\Provider\Microsoft Strong Cryptographic Provider	SUCCESS	
10:11:00.4260399 AM	git.exe	24388	QueryNameInformationFile	C:\Program Files\Git\mingw64\bin\git.exe	SUCCESS	Name: \Program Files\Git\mingw64\bin\git.exe
10:11:00.4264946 AM	git.exe	24388	Thread Create		SUCCESS	Thread ID: 25824
10:11:00.4268583 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\share\locale	NAME NOT FOUND	Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4274737 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4275469 AM	git.exe	24388	QueryBasicInformationFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	CreationTime: 11/21/2017 9:41:56 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 12/7/2017 10:46:48 AM, ChangeTime: 12/7/2017 10:46:48 AM, FileAttributes: D
10:11:00.4275866 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	
10:11:00.4277013 AM	git.exe	24388	CreateFile	C:\	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4277843 AM	git.exe	24388	QuerySecurityFile	C:\	SUCCESS	Information: Attribute
10:11:00.4278236 AM	git.exe	24388	QueryDirectory	C:\Users	SUCCESS	Filter: Users, 1: Users
10:11:00.4279043 AM	git.exe	24388	CloseFile	C:\	SUCCESS	
10:11:00.4281890 AM	git.exe	24388	CreateFile	C:\Users\<username>	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4282810 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>	SUCCESS	Information: Attribute
10:11:00.4283144 AM	git.exe	24388	QueryDirectory	C:\Users\<username>\Source	SUCCESS	Filter: Source, 1: Source
10:11:00.4283831 AM	git.exe	24388	CloseFile	C:\Users\<username>	SUCCESS	
10:11:00.4286920 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4287843 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source	SUCCESS	Information: Attribute
10:11:00.4288281 AM	git.exe	24388	QueryDirectory	C:\Users\<username>\Source\Repos	SUCCESS	Filter: Repos, 1: Repos
10:11:00.4288990 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source	SUCCESS	
10:11:00.4291717 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos	SUCCESS	Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4292560 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos	SUCCESS	Information: Attribute
10:11:00.4292988 AM	git.exe	24388	QueryDirectory	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Filter: WebSite, 1: WebSite
10:11:00.4293578 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos	SUCCESS	
10:11:00.4296384 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4297130 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	Information: Attribute
10:11:00.4297531 AM	git.exe	24388	QueryInformationVolume	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4297924 AM	git.exe	24388	QueryAllInformationFile	C:\Users\<username>\Source\Repos\WebSite	BUFFER OVERFLOW	CreationTime: 11/21/2017 9:41:56 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 12/7/2017 10:46:48 AM, ChangeTime: 12/7/2017 10:46:48 AM, FileAttributes: D, AllocationSize: 8,192, EndOfFile: 8,192, NumberOfLinks: 1, DeletePending: False, Directory: True, IndexNumber: 0x270000001d0a1d, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word
10:11:00.4298321 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite	SUCCESS	
10:11:00.4300494 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git	SUCCESS	Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4300985 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite\.git	SUCCESS	Information: Attribute
10:11:00.4301177 AM	git.exe	24388	QueryInformationVolume	C:\Users\<username>\Source\Repos\WebSite\.git	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4301427 AM	git.exe	24388	QueryAllInformationFile	C:\Users\<username>\Source\Repos\WebSite\.git	BUFFER OVERFLOW	CreationTime: 11/21/2017 9:41:56 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 12/8/2017 10:06:47 AM, ChangeTime: 12/8/2017 10:06:47 AM, FileAttributes: HD, AllocationSize: 4,096, EndOfFile: 4,096, NumberOfLinks: 1, DeletePending: False, Directory: True, IndexNumber: 0x1c0000001d0a35, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word
10:11:00.4301771 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git	SUCCESS	
10:11:00.4305854 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4307465 AM	git.exe	24388	QueryNetworkOpenInformationFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	CreationTime: 12/7/2017 11:06:45 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 12/7/2017 11:06:45 AM, ChangeTime: 12/7/2017 11:06:45 AM, AllocationSize: 40, EndOfFile: 37, FileAttributes: A
10:11:00.4307875 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	
10:11:00.4310303 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4311142 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	Information: Attribute
10:11:00.4311476 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	Offset: 0, Length: 37, Priority: Normal
10:11:00.4312052 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	END OF FILE	Offset: 37, Length: 218
10:11:00.4312262 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\HEAD	SUCCESS	
10:11:00.4315408 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\commondir	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4318335 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\objects	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4318764 AM	git.exe	24388	QueryBasicInformationFile	C:\Users\<username>\Source\Repos\WebSite\.git\objects	SUCCESS	CreationTime: 11/21/2017 9:41:56 AM, LastAccessTime: 12/4/2017 10:53:58 AM, LastWriteTime: 11/29/2017 8:50:13 AM, ChangeTime: 11/29/2017 8:50:13 AM, FileAttributes: D
10:11:00.4318973 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\objects	SUCCESS	
10:11:00.4321758 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\refs	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4322414 AM	git.exe	24388	QueryBasicInformationFile	C:\Users\<username>\Source\Repos\WebSite\.git\refs	SUCCESS	CreationTime: 11/21/2017 9:41:56 AM, LastAccessTime: 12/8/2017 10:06:49 AM, LastWriteTime: 11/21/2017 9:42:14 AM, ChangeTime: 11/21/2017 9:42:14 AM, FileAttributes: D
10:11:00.4322771 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\refs	SUCCESS	
10:11:00.4325819 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\commondir	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4328090 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4329063 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Information: Attribute
10:11:00.4329465 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Offset: 0, Length: 654, Priority: Normal
10:11:00.4330179 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	END OF FILE	Offset: 654, Length: 4,096
10:11:00.4330379 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	
10:11:00.4334079 AM	git.exe	24388	CreateFile	C:\ProgramData\Git\config	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4335516 AM	git.exe	24388	QueryBasicInformationFile	C:\ProgramData\Git\config	SUCCESS	CreationTime: 12/4/2017 10:29:17 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 12/4/2017 10:29:18 AM, ChangeTime: 12/4/2017 10:29:18 AM, FileAttributes: A
10:11:00.4335734 AM	git.exe	24388	CloseFile	C:\ProgramData\Git\config	SUCCESS	
10:11:00.4337515 AM	git.exe	24388	CreateFile	C:\ProgramData\Git\config	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4338193 AM	git.exe	24388	QuerySecurityFile	C:\ProgramData\Git\config	SUCCESS	Information: Attribute
10:11:00.4338434 AM	git.exe	24388	ReadFile	C:\ProgramData\Git\config	SUCCESS	Offset: 0, Length: 371, Priority: Normal
10:11:00.4338974 AM	git.exe	24388	ReadFile	C:\ProgramData\Git\config	END OF FILE	Offset: 371, Length: 4,096
10:11:00.4339171 AM	git.exe	24388	CloseFile	C:\ProgramData\Git\config	SUCCESS	
10:11:00.4342044 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4342691 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	CreationTime: 12/4/2017 10:29:17 AM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 12/4/2017 10:29:18 AM, ChangeTime: 12/4/2017 10:29:18 AM, FileAttributes: A
10:11:00.4342897 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	
10:11:00.4344610 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4345235 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	Information: Attribute
10:11:00.4345454 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	Offset: 0, Length: 297, Priority: Normal
10:11:00.4345913 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\etc\gitconfig	END OF FILE	Offset: 297, Length: 4,096
10:11:00.4346096 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\etc\gitconfig	SUCCESS	
10:11:00.4347511 AM	git.exe	24388	CreateFile	C:\Users\<username>\.config\git\config	PATH NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4350523 AM	git.exe	24388	CreateFile	C:\Users\<username>\.gitconfig	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4351139 AM	git.exe	24388	QueryBasicInformationFile	C:\Users\<username>\.gitconfig	SUCCESS	CreationTime: 11/21/2017 3:50:56 PM, LastAccessTime: 12/8/2017 10:09:27 AM, LastWriteTime: 11/28/2017 10:45:19 AM, ChangeTime: 11/28/2017 10:45:19 AM, FileAttributes: A
10:11:00.4351349 AM	git.exe	24388	CloseFile	C:\Users\<username>\.gitconfig	SUCCESS	
10:11:00.4353370 AM	git.exe	24388	CreateFile	C:\Users\<username>\.gitconfig	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4354035 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\.gitconfig	SUCCESS	Information: Attribute
10:11:00.4354263 AM	git.exe	24388	ReadFile	C:\Users\<username>\.gitconfig	SUCCESS	Offset: 0, Length: 603, Priority: Normal
10:11:00.4354838 AM	git.exe	24388	ReadFile	C:\Users\<username>\.gitconfig	END OF FILE	Offset: 603, Length: 4,096
10:11:00.4355030 AM	git.exe	24388	CloseFile	C:\Users\<username>\.gitconfig	SUCCESS	
10:11:00.4357752 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4358359 AM	git.exe	24388	QueryBasicInformationFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	CreationTime: 11/29/2017 8:50:33 AM, LastAccessTime: 12/8/2017 10:11:00 AM, LastWriteTime: 11/29/2017 8:50:33 AM, ChangeTime: 11/29/2017 8:50:33 AM, FileAttributes: A
10:11:00.4358564 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	
10:11:00.4360265 AM	git.exe	24388	CreateFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4360992 AM	git.exe	24388	QuerySecurityFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Information: Attribute
10:11:00.4361215 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	Offset: 0, Length: 654, Priority: Normal
10:11:00.4361764 AM	git.exe	24388	ReadFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	END OF FILE	Offset: 654, Length: 4,096
10:11:00.4361992 AM	git.exe	24388	CloseFile	C:\Users\<username>\Source\Repos\WebSite\.git\config	SUCCESS	
10:11:00.4365147 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash.exe	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4367882 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4368520 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	CreationTime: 12/4/2017 10:28:51 AM, LastAccessTime: 12/8/2017 10:09:48 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:51 AM, FileAttributes: A
10:11:00.4368783 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	
10:11:00.4372483 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4373166 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	CreationTime: 12/4/2017 10:28:51 AM, LastAccessTime: 12/8/2017 10:09:48 AM, LastWriteTime: 10/30/2017 10:18:46 AM, ChangeTime: 12/4/2017 10:28:51 AM, FileAttributes: A
10:11:00.4373371 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	
10:11:00.4375214 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4375852 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	Information: Attribute
10:11:00.4376044 AM	git.exe	24388	ReadFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	Offset: 0, Length: 99, Priority: Normal
10:11:00.4376432 AM	git.exe	24388	CloseFile	C:\Program Files\Git\mingw64\libexec\git-core\git-stash	SUCCESS	
10:11:00.4379047 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\libexec\git-core\sh.exe	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4382006 AM	git.exe	24388	CreateFile	C:\Program Files\Git\mingw64\bin\sh.exe	NAME NOT FOUND	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a
10:11:00.4384741 AM	git.exe	24388	CreateFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4385393 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	CreationTime: 12/4/2017 10:28:56 AM, LastAccessTime: 12/8/2017 10:10:33 AM, LastWriteTime: 8/31/2017 12:26:50 PM, ChangeTime: 12/4/2017 10:28:56 AM, FileAttributes: A
10:11:00.4385625 AM	git.exe	24388	CloseFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	
10:11:00.4388436 AM	git.exe	24388	CreateFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4389052 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Attribute
10:11:00.4389275 AM	git.exe	24388	ReadFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Offset: 0, Length: 64
10:11:00.4389632 AM	git.exe	24388	ReadFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Offset: 128, Length: 26
10:11:00.4389824 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4390177 AM	git.exe	24388	QueryFileInternalInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	IndexNumber: 0x140000000bc4d1
10:11:00.4390525 AM	git.exe	24388	QueryInformationVolume	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	VolumeCreationTime: 1/29/2016 10:36:22 PM, VolumeSerialNumber: A889-8181, SupportsObjects: True, VolumeLabel: OS
10:11:00.4390833 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\usr\bin\sh.exe	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4391114 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	SyncType: SyncTypeOther
10:11:00.4391511 AM	git.exe	24388	RegOpenKey	HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sh.exe	NAME NOT FOUND	Desired Access: Query Value, Enumerate Sub Keys
10:11:00.4392894 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.4393108 AM	git.exe	24388	QueryNameInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Name: \Program Files\Git\usr\bin\sh.exe
10:11:00.4396143 AM	git.exe	24388	CreateFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: , Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4396785 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Attribute
10:11:00.4397285 AM	git.exe	24388	QueryNameInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Name: \Program Files\Git\usr\bin\sh.exe
10:11:00.4397495 AM	git.exe	24388	CloseFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	
10:11:00.4397977 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.4398361 AM	git.exe	24388	FileSystemControl	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Control: FSCTL_READ_FILE_USN_DATA
10:11:00.4398557 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4398896 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	REPARSE	Desired Access: Read
10:11:00.4399262 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	NAME NOT FOUND	Desired Access: Read
10:11:00.4399583 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	REPARSE	Desired Access: Read
10:11:00.4399918 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\AppID\Configuration\SMARTLOCKER	NAME NOT FOUND	Desired Access: Read
10:11:00.4402854 AM	git.exe	24388	CreateFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Desired Access: Read Attributes, Disposition: Open, Options: Non-Directory File, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened
10:11:00.4403872 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Attribute
10:11:00.4404086 AM	git.exe	24388	CloseFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	
10:11:00.4404836 AM	git.exe	24388	QueryNameInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Name: \Program Files\Git\usr\bin\sh.exe
10:11:00.4407281 AM	git.exe	24388	CreateFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Desired Access: Read Data/List Directory, Read Attributes, Disposition: Open, Options: Sequential Access, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened
10:11:00.4407919 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Attribute
10:11:00.4408102 AM	git.exe	24388	QueryAllInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	CreationTime: 12/4/2017 10:28:56 AM, LastAccessTime: 12/8/2017 10:10:33 AM, LastWriteTime: 8/31/2017 12:26:50 PM, ChangeTime: 12/4/2017 10:28:56 AM, FileAttributes: A, AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x140000000bc4d1, EaSize: 0, Access: None 0x0, Position: 0, Mode: , AlignmentRequirement: Byte
10:11:00.4408464 AM	git.exe	24388	CloseFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	
10:11:00.4409258 AM	git.exe	24388	Process Create	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	PID: 24088, Command line: sh "C:\Program Files\Git\mingw64/libexec/git-core\git-stash"
10:11:00.4410325 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls	REPARSE	Desired Access: Query Value
10:11:00.4410829 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls	NAME NOT FOUND	Desired Access: Query Value
10:11:00.4411382 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	REPARSE	Desired Access: Query Value, Set Value
10:11:00.4412203 AM	git.exe	24388	RegOpenKey	HKLM\System\CurrentControlSet\Control\SafeBoot\Option	NAME NOT FOUND	Desired Access: Query Value, Set Value
10:11:00.4412583 AM	git.exe	24388	RegOpenKey	HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	SUCCESS	Desired Access: Query Value
10:11:00.4413020 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\TransparentEnabled	NAME NOT FOUND	Length: 80
10:11:00.4413279 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers\AuthenticodeEnabled	SUCCESS	Type: REG_DWORD, Length: 4, Data: 0
10:11:00.4413622 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers	SUCCESS	
10:11:00.4413984 AM	git.exe	24388	RegOpenKey	HKCU\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers	NAME NOT FOUND	Desired Access: Query Value
10:11:00.4414899 AM	git.exe	24388	RegOpenKey	HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	Desired Access: Query Value
10:11:00.4415447 AM	git.exe	24388	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache	SUCCESS	Type: REG_SZ, Length: 154, Data: C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files
10:11:00.4415715 AM	git.exe	24388	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders	SUCCESS	
10:11:00.4415956 AM	git.exe	24388	RegOpenKey	HKCU\Software\Microsoft\Windows NT\CurrentVersion	SUCCESS	Desired Access: Enumerate Sub Keys
10:11:00.4416362 AM	git.exe	24388	RegOpenKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	Desired Access: Query Value
10:11:00.4416826 AM	git.exe	24388	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\Git\usr\bin\sh.exe	NAME NOT FOUND	Length: 16
10:11:00.4417058 AM	git.exe	24388	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	
10:11:00.4417313 AM	git.exe	24388	QuerySecurityFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Information: Owner, Group, DACL, SACL, Label, Process Trust Label
10:11:00.4418977 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.4420566 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.4420753 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:26:31 PM, LastAccessTime: 10/17/2017 2:26:31 PM, LastWriteTime: 9/17/2017 5:09:15 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.4420950 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\sysmain.sdb	SUCCESS	
10:11:00.4422989 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.4424488 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.4424658 AM	git.exe	24388	QueryBasicInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	CreationTime: 10/17/2017 2:25:46 PM, LastAccessTime: 10/17/2017 2:25:46 PM, LastWriteTime: 9/17/2017 5:15:39 PM, ChangeTime: 10/18/2017 12:44:21 PM, FileAttributes: A
10:11:00.4424854 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.4425412 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	CreationTime: 12/4/2017 10:28:56 AM, LastAccessTime: 12/8/2017 10:10:33 AM, LastWriteTime: 8/31/2017 12:26:50 PM, ChangeTime: 12/4/2017 10:28:56 AM, FileAttributes: A
10:11:00.4426305 AM	git.exe	24388	QueryBasicInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	CreationTime: 12/4/2017 10:28:56 AM, LastAccessTime: 12/8/2017 10:10:33 AM, LastWriteTime: 8/31/2017 12:26:50 PM, ChangeTime: 12/4/2017 10:28:56 AM, FileAttributes: A
10:11:00.4426791 AM	git.exe	24388	QueryNameInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	Name: \Program Files\Git\usr\bin\sh.exe
10:11:00.4428982 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.4430446 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.4430633 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4430852 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4431075 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE_READ|PAGE_NOCACHE
10:11:00.4431227 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4431606 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.4432302 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4432954 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	NAME NOT FOUND	Desired Access: Read
10:11:00.4433587 AM	git.exe	24388	RegOpenKey	HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	Desired Access: Read
10:11:00.4434525 AM	git.exe	24388	RegQueryValue	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\C:\Program Files\Git\usr\bin\sh.exe	NAME NOT FOUND	Length: 1,024
10:11:00.4434877 AM	git.exe	24388	RegCloseKey	HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers	SUCCESS	
10:11:00.4435203 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Custom\sh.exe	NAME NOT FOUND	Desired Access: Read
10:11:00.4435747 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4436042 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\usr\bin\sh.exe	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4436216 AM	git.exe	24388	QueryStandardInformationFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	AllocationSize: 2,088,960, EndOfFile: 2,088,441, NumberOfLinks: 1, DeletePending: False, Directory: False
10:11:00.4436595 AM	git.exe	24388	CreateFileMapping	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS	SyncType: SyncTypeOther
10:11:00.4439317 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.4440228 AM	git.exe	24388	RegOpenKey	HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	Desired Access: Read
10:11:00.4440705 AM	git.exe	24388	RegQueryValue	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\PreferExternalManifest	NAME NOT FOUND	Length: 20
10:11:00.4440906 AM	git.exe	24388	RegCloseKey	HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide	SUCCESS	
10:11:00.4453905 AM	git.exe	24388	RegQueryValue	HKLM\System\CurrentControlSet\Control\{7746D80F-97E0-4E26-9543-26B41FC22F79}\{59AEE675-B203-4D61-9A1F-04518A20F359}\4B00650072006E0065006C002D004F006E00650043006F00720065002D00440065007600690063006500460061006D0069006C007900490044000000	NAME NOT FOUND	Length: 0
10:11:00.4455534 AM	git.exe	24388	CreateFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened
10:11:00.4457381 AM	git.exe	24388	QuerySecurityFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	Information: Attribute
10:11:00.4457671 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4457908 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4458122 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	FILE LOCKED WITH ONLY READERS	SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE
10:11:00.4458256 AM	git.exe	24388	QueryStandardInformationFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	AllocationSize: 557,056, EndOfFile: 554,138, NumberOfLinks: 2, DeletePending: False, Directory: False
10:11:00.4458568 AM	git.exe	24388	CreateFileMapping	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	SyncType: SyncTypeOther
10:11:00.4459015 AM	git.exe	24388	CloseFile	C:\Windows\AppPatch\apppatch64\sysmain.sdb	SUCCESS	
10:11:00.4460907 AM	git.exe	24388	CloseFile	C:\Program Files\Git\usr\bin\sh.exe	SUCCESS

@dscho
Copy link
Member

dscho commented Dec 13, 2017

FWIW I am probably just as good at interpreting those logs as you are, so don't wait on me to analyze it.

This log seems to start at 10:11:00.2499139 AM and end at 10:11:00.4460907 AM, which is just a fifth second.

Are you sure that this is where the freeze happened? Or did you filter by C:\Program Files\Git\mingw64\bin\git.exe instead of C:\Program Files\Git as suggested?

@fredbutters
Copy link
Author

Yeah I couldn't make much sense out of that log. I tried to filter by C:\Program Files\Git but when I ran git stash there was nothing logged in process monitor.

I just found out git rebase <branch> also freezes

@dscho
Copy link
Member

dscho commented Dec 21, 2017

I just found out git rebase <branch> also freezes

But what are the last, say, two dozen entries in Process Monitor from programs located in C:\Program Files\Git when it freezes?

@dscho
Copy link
Member

dscho commented Dec 21, 2017

... when it freezes?

Or is Process Monitor still adding more and more entries while it freezes (in which case, it does not freeze, but kinda "running dry")?

@dscho
Copy link
Member

dscho commented Feb 19, 2018

In another ticket that looks similar, it turned out that the user somehow managed to run the installer in non-elevated mode. That is neither intended, nor supported. Maybe this is the same issue here?

@dscho
Copy link
Member

dscho commented Apr 25, 2018

I grew a little weary of waiting for an answer. Let's wrap the curtain of charity over the rest of the scene.

@dscho dscho closed this as completed Apr 25, 2018
@stanwest stanwest mentioned this issue Jul 26, 2018
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pending-answer unclear
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dscho @dori4n @fredbutters @AlphaZuluLima