Audit File Delete

 OPEN　　　　　　　　　　　　4656

ACCESS　　　　　　　　　　   4663

AN OBJECT WAS DELETED　　4660

CLOSE　　　　　　　　　　　　4658

1537 = Delete 

1538 = Read_CONTROL 

1541 = synchronize 

4416 = ReadData(or List Directory) 

4417 = WriteData(or Add File) 

4418 = AppendData (or AddSubdirectory or CreatePipeInstance) 

4419 = ReadEA 

4420 = WriteEA 

4423 = ReadAttributes 

4424 = WriteAttributes