Origin cannot change security on a file unless running as an administrator on Windows 7, which requires elevation. I'm willing to bet SetSecurity is not what first comes to mind, however I haven't researched that. You'll also notice that on the right "Desired Access" shows up, that is followed by a "Read" which means files are not being edited.
In fact, it says this exactly: "Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
CreateFile is creating the file in memory to process.
I don't see WriteFile anywhere, but that can be as simple as changing the "last accessed" time stamp.
Research the tools being used.
Here is the link to Process Monitor:
Run it yourself. You will find that Origin is not nearly as malicious as it is being made out to be. In fact, I'm not sure how the previous pictures of Steam's access was so short, both programs absolutely filled the screen when I opened them.
You'll also notice that the program after it's first search for games is only in Origin, AppData/Origin, and Webcache folders.
I realize that it is human nature to be suspicious, and that our brains are wired so that someone arguing against your point won't change your views easily (that way someone can't convince you that bear != death), but take a step back, a deep breath, and do your own research.
Edited by FuNkDrSpOt - 11/2/11 at 9:55pm