
hosts file modified

a guest
Sep 7th, 2011
  1. svchost.exe PIDs and the services they host:
  2. 996: Dnscache (Description "DNS Client")
  3. 3436: WinDefend (Windows Defender)
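  4. All Notepad edits are my own. Avast! accesses the file but doesn't seem to have edited it. It must have been Windows Defender. To confirm that, the trace needs a write from PID 3436: a CreateFile with write access followed by WriteFile or SetEndOfFileInformationFile, and a LastWriteTime that changes afterwards. Opens with Read Attributes or Generic Read, and ReadFile events, only show the file being read.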
  5.  
  6. "Time of Day","Process Name","PID","Operation","Path","Result","Detail"
  7. "8:46:54.6366307 PM","notepad.exe","8220","CreateFile","C:\Windows\System32\drivers\etc","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  8. "8:46:54.6367508 PM","notepad.exe","8220","QueryDirectory","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Filter: hosts, 1: hosts"
  9. "8:46:54.6367756 PM","notepad.exe","8220","CloseFile","C:\Windows\System32\drivers\etc","SUCCESS",""
  10. "8:46:54.6368517 PM","notepad.exe","8220","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  11. "8:46:54.6372718 PM","notepad.exe","8220","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  12. "8:46:54.6373022 PM","notepad.exe","8220","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, I/O Flags: Non-cached, Paging I/O, Priority: Normal"
  13. "8:46:54.6376730 PM","notepad.exe","8220","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  14. "8:46:54.6376876 PM","notepad.exe","8220","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Generic Read, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word"
  15. "8:46:54.6377096 PM","notepad.exe","8220","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  16. "8:46:54.6377183 PM","notepad.exe","8220","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  17. "8:46:54.6377372 PM","notepad.exe","8220","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  18. "8:46:54.6377549 PM","notepad.exe","8220","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  19. "8:46:54.6380550 PM","notepad.exe","8220","CreateFile","C:\Windows\System32\drivers\etc","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  20. "8:46:54.6380826 PM","notepad.exe","8220","QueryDirectory","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Filter: hosts, 1: hosts"
  21. "8:46:54.6440689 PM","notepad.exe","8220","CloseFile","C:\Windows\System32\drivers\etc","SUCCESS",""
  22. "2:54:49.9844055 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  23. "2:54:49.9845737 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  24. "2:54:49.9845867 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  25. "2:54:49.9869748 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  26. "2:54:49.9870136 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  27. "2:54:49.9870253 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  28. "2:58:29.0656881 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  29. "2:58:29.0658224 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  30. "2:58:29.0658352 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  31. "2:58:29.0671772 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  32. "2:58:29.0671958 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  33. "2:58:29.0672073 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  34. "2:58:29.0673581 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: No Buffering, Synchronous IO Non-Alert, Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  35. "2:58:29.0673814 AM","svchost.exe","3436","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  36. "2:58:29.0673947 AM","svchost.exe","3436","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: No Buffering, Synchronous IO Non-Alert, AlignmentRequirement: Word"
  37. "2:58:29.0674074 AM","svchost.exe","3436","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  38. "2:58:29.0674183 AM","svchost.exe","3436","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: No Buffering, Synchronous IO Non-Alert, AlignmentRequirement: Word"
  39. "2:58:29.0674313 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  40. "2:58:29.0675018 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: No Buffering, Synchronous IO Non-Alert, Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  41. "2:58:29.0675229 AM","svchost.exe","3436","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  42. "2:58:29.0675344 AM","svchost.exe","3436","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: No Buffering, Synchronous IO Non-Alert, AlignmentRequirement: Word"
  43. "2:58:29.0675465 AM","svchost.exe","3436","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  44. "2:58:29.0675567 AM","svchost.exe","3436","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: No Buffering, Synchronous IO Non-Alert, AlignmentRequirement: Word"
  45. "2:58:29.0675694 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  46. "2:58:29.0676377 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: No Buffering, Synchronous IO Non-Alert, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  47. "2:58:29.0676603 AM","svchost.exe","3436","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  48. "2:58:29.0676715 AM","svchost.exe","3436","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Read Attributes, Synchronize, Position: 0, Mode: No Buffering, Synchronous IO Non-Alert, AlignmentRequirement: Word"
  49. "2:58:29.0676858 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  50. "2:58:29.0677714 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: No Buffering, Synchronous IO Non-Alert, Open For Backup, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  51. "2:58:29.0677928 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  52. "2:58:29.0678052 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  53. "2:58:29.0679235 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  54. "2:58:29.0679415 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  55. "2:58:29.0679526 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  56. "2:58:29.0680755 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  57. "2:58:29.0681022 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  58. "2:58:29.0681621 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  59. "2:58:29.0685127 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  60. "2:58:29.0685509 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, I/O Flags: Non-cached, Paging I/O, Priority: Normal"
  61. "2:58:29.0687697 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  62. "2:58:29.0687855 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  63. "2:58:29.0688010 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  64. "2:58:29.0688156 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538"
  65. "2:58:29.0730518 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  66. "2:58:29.0730738 AM","svchost.exe","3436","QueryEAFile","C:\Windows\System32\drivers\etc\hosts","0xC0000052",""
  67. "2:58:29.0730940 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  68. "2:58:29.0731111 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  69. "2:58:33.3280908 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  70. "2:58:33.3281113 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  71. "2:58:33.3281231 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  72. "2:58:33.3300047 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  73. "2:58:33.3300293 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  74. "2:58:33.3300414 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  75. "2:58:35.3525809 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  76. "2:58:35.3526014 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  77. "2:58:35.3526132 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  78. "2:58:35.3545345 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  79. "2:58:35.3545597 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  80. "2:58:35.3545718 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  81. "2:58:39.5981977 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  82. "2:58:39.5982191 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  83. "2:58:39.5982309 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  84. "2:58:39.6003322 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  85. "2:58:39.6003570 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  86. "2:58:39.6003695 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  87. "2:58:42.6575706 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  88. "2:58:42.6575921 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  89. "2:58:42.6576039 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  90. "2:58:42.6594160 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  91. "2:58:42.6594405 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  92. "2:58:42.6594526 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  93. "2:58:44.7739769 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  94. "2:58:44.7739980 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  95. "2:58:44.7740105 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  96. "2:58:44.7759421 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  97. "2:58:44.7759657 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  98. "2:58:44.7759778 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  99. "2:58:46.8182483 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  100. "2:58:46.8182691 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  101. "2:58:46.8182812 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  102. "2:58:46.8184003 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  103. "2:58:46.8184193 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  104. "2:58:46.8184298 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  105. "2:58:46.8185896 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  106. "2:58:46.8186098 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  107. "2:58:46.8186213 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  108. "2:58:46.8188233 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  109. "2:58:46.8188410 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  110. "2:58:46.8188512 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  111. "2:58:46.8195677 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  112. "2:58:46.8195950 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  113. "2:58:46.8196570 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  114. "2:58:46.8197427 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  115. "2:58:46.8197824 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  116. "2:58:46.8197936 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  117. "2:58:46.8198082 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  118. "2:58:46.8198209 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538"
  119. "2:58:46.8203903 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  120. "2:58:46.8204089 AM","svchost.exe","3436","QueryEAFile","C:\Windows\System32\drivers\etc\hosts","0xC0000052",""
  121. "2:58:46.8204284 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  122. "2:58:46.8204424 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  123. "2:58:46.8316144 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  124. "2:58:46.8316349 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  125. "2:58:46.8316470 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  126. "2:58:46.8333971 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  127. "2:58:46.8334207 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  128. "2:58:46.8334331 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  129. "2:59:20.2854960 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  130. "2:59:20.2855168 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  131. "2:59:20.2855289 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  132. "2:59:20.2868378 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  133. "2:59:20.2868564 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  134. "2:59:20.2868679 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  135. "2:59:20.2870587 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  136. "2:59:20.2870767 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  137. "2:59:20.2870882 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  138. "2:59:20.2872176 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  139. "2:59:20.2872443 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  140. "2:59:20.2873032 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  141. "2:59:20.2876514 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  142. "2:59:20.2876874 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  143. "2:59:20.2876995 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  144. "2:59:20.2877128 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  145. "2:59:20.2877268 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538"
  146. "2:59:20.2882735 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  147. "2:59:20.2882915 AM","svchost.exe","3436","QueryEAFile","C:\Windows\System32\drivers\etc\hosts","0xC0000052",""
  148. "2:59:20.2883098 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  149. "2:59:20.2883247 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  150. "2:59:20.3097261 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  151. "2:59:20.3097478 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  152. "2:59:20.3097599 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  153. "2:59:20.3115205 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  154. "2:59:20.3115447 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  155. "2:59:20.3115568 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  156. "2:59:20.3263199 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  157. "2:59:20.3263414 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  158. "2:59:20.3263535 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  159. "2:59:20.3281513 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  160. "2:59:20.3281762 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  161. "2:59:20.3281883 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  162. "2:59:20.4255679 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  163. "2:59:20.4255897 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  164. "2:59:20.4256021 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  165. "2:59:20.4274800 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  166. "2:59:20.4275045 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  167. "2:59:20.4275166 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  168. "2:59:20.4578853 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  169. "2:59:20.4579064 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  170. "2:59:20.4579185 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  171. "2:59:20.4596816 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  172. "2:59:20.4597058 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  173. "2:59:20.4597179 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  174. "2:59:20.4982968 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  175. "2:59:20.4983179 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  176. "2:59:20.4983300 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  177. "2:59:20.5001993 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, Impersonating: NT AUTHORITY\NETWORK SERVICE, OpenResult: Opened"
  178. "2:59:20.5002250 AM","svchost.exe","3436","QueryNetworkOpenInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, AllocationSize: 4096, EndOfFile: 1538, FileAttributes: A"
  179. "2:59:20.5002377 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  180. "2:59:20.5395154 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  181. "2:59:20.5395455 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  182. "2:59:20.5395595 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  183. "2:59:20.5396389 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Open No Recall, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  184. "2:59:20.5400380 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  185. "2:59:20.5401137 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  186. "2:59:20.5401360 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 512, Priority: Normal"
  187. "2:59:20.5401475 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  188. "2:59:20.5402142 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  189. "2:59:20.5402393 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","OPLOCK NOT GRANTED","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  190. "2:59:20.5402505 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_OPLOCK_LEVEL_2"
  191. "2:59:20.5402620 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  192. "2:59:20.5403371 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Open No Recall, Attributes: N, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  193. "2:59:20.5404203 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  194. "2:59:20.5404538 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  195. "2:59:20.5404668 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  196. "2:59:20.5404891 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  197. "2:59:20.5408848 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  198. "2:59:20.5414464 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  199. "2:59:20.5414765 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  200. "2:59:20.5415013 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  201. "2:59:20.5422644 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Sequential Access, Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  202. "2:59:20.5425747 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  203. "2:59:20.5430336 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  204. "2:59:20.5430730 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  205. "2:59:20.5430941 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  206. "2:59:20.5431372 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  207. "2:59:20.5439217 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  208. "2:59:20.5439567 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  209. "2:59:20.5439747 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  210. "2:59:20.5440082 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  211. "2:59:20.5480508 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  212. "2:59:20.5482845 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  213. "2:59:20.5483503 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  214. "2:59:20.5483639 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  215. "2:59:20.5483717 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  216. "2:59:20.5483863 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  217. "2:59:20.5507607 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  218. "2:59:20.5508842 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  219. "2:59:20.5509214 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  220. "2:59:20.5509369 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  221. "2:59:20.5509450 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  222. "2:59:20.5509602 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  223. "2:59:20.5509779 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  224. "2:59:20.5510008 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  225. "2:59:20.5511237 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  226. "2:59:20.5512106 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  227. "2:59:20.5512553 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 512, Priority: Normal"
  228. "2:59:20.5512696 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  229. "2:59:20.5690466 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  230. "2:59:20.5691471 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  231. "2:59:20.5694190 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  232. "2:59:20.5694835 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  233. "2:59:20.5694981 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  234. "2:59:20.5695062 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  235. "2:59:20.5695217 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  236. "2:59:20.5696430 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened"
  237. "2:59:20.5697324 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  238. "2:59:20.5697662 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  239. "2:59:20.5697801 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  240. "2:59:20.5697873 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  241. "2:59:20.5698013 AM","svchost.exe","3436","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  242. "2:59:20.5698192 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  243. "2:59:20.5698413 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  244. "2:59:20.5699592 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  245. "2:59:20.5700455 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  246. "2:59:20.5700901 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 512, Priority: Normal"
  247. "2:59:20.5701047 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  248. "2:59:20.5701677 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  249. "2:59:20.5701947 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  250. "2:59:20.5702354 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  251. "2:59:31.7108552 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  252. "2:59:31.7108878 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  253. "2:59:31.7109024 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  254. "2:59:31.7109846 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Open No Recall, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  255. "2:59:31.7110870 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  256. "2:59:31.7111299 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  257. "2:59:31.7111429 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  258. "2:59:31.7111640 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  259. "2:59:31.7111873 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  260. "2:59:31.7112866 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  261. "2:59:31.7113136 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  262. "2:59:31.7113762 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  263. "2:59:31.7114687 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  264. "2:59:31.7115007 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  265. "2:59:31.7115121 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,538, NumberOfLinks: 1, DeletePending: False, Directory: False"
  266. "2:59:31.7115261 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  267. "2:59:31.7115385 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538"
  268. "2:59:31.7122742 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  269. "2:59:31.7122972 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/6/2011 12:01:23 PM, FileAttributes: A"
  270. "2:59:31.7123115 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  271. "2:59:31.7124399 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc","SUCCESS","Desired Access: Read Attributes, Disposition: Open, Options: Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  272. "2:59:31.7124589 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc","SUCCESS","CreationTime: 7/13/2009 8:20:10 PM, LastAccessTime: 9/1/2011 2:55:56 AM, LastWriteTime: 9/1/2011 2:55:56 AM, ChangeTime: 9/1/2011 2:55:56 AM, FileAttributes: D"
  273. "2:59:31.7124710 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc","SUCCESS",""
  274. "2:59:31.7137811 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  275. "2:59:31.7141410 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  276. "2:59:31.7142195 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  277. "2:59:31.7143806 AM","svchost.exe","3436","QueryAttributeInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","FileSystemAttributes: Case Preserved, Case Sensitive, Unicode, ACLs, Compression, Named Streams, EFS, Object IDs, Reparse Points, Sparse Files, Quotas, Transactions, 0x3c00000, MaximumComponentNameLength: 255, FileSystemName: NTFS"
  278. "2:59:31.7144100 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  279. "2:59:31.7160096 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  280. "2:59:31.7160208 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  281. "2:59:31.7279695 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  282. "2:59:31.7280098 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  283. "2:59:31.7341711 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  284. "2:59:31.7341956 AM","svchost.exe","3436","SetBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 0, LastAccessTime: 0, LastWriteTime: 0, ChangeTime: 0, FileAttributes: N"
  285. "2:59:31.7342673 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  286. "2:59:31.7342962 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/7/2011 2:59:31 AM, FileAttributes: N"
  287. "2:59:31.7343129 AM","svchost.exe","3436","QueryNameInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","Name: \Windo"
  288. "2:59:31.7343260 AM","svchost.exe","3436","QueryNameInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Name: \Windows\System32\drivers\etc\hosts"
  289. "2:59:31.7344020 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read/Write, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: n/a, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened"
  290. "2:59:31.7345035 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  291. "2:59:31.7348504 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,538, Priority: Normal"
  292. "2:59:31.7349978 AM","svchost.exe","3436","QueryAttributeInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","FileSystemAttributes: Case Preserved, Case Sensitive, Unicode, ACLs, Compression, Named Streams, EFS, Object IDs, Reparse Points, Sparse Files, Quotas, Transactions, 0x3c00000, MaximumComponentNameLength: 255, FileSystemName: NTFS"
  293. "2:59:31.7350260 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  294. "2:59:31.7350682 AM","svchost.exe","3436","WriteFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,510, Priority: Normal"
  295. "2:59:31.7350946 AM","svchost.exe","3436","SetEndOfFileInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","EndOfFile: 1,510"
  296. "2:59:31.7351427 AM","svchost.exe","3436","SetAllocationInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 1,510"
  297. "2:59:31.7351712 AM","svchost.exe","3436","SetBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 0, LastAccessTime: 0, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 0, FileAttributes: n/a"
  298. "2:59:31.7356252 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  299. "2:59:31.7356348 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","NOTIFY ENUM DIR","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  300. "2:59:31.7366656 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Write Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Open For Backup, Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  301. "2:59:31.7366895 AM","svchost.exe","3436","SetBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 0, LastAccessTime: 0, LastWriteTime: 0, ChangeTime: 0, FileAttributes: AN"
  302. "2:59:31.7367323 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  303. "2:59:31.7367615 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  304. "2:59:31.7369402 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Open For Backup, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  305. "2:59:31.7369691 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","OPLOCK NOT GRANTED","Control: FSCTL_REQUEST_FILTER_OPLOCK"
  306. "2:59:31.7369834 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_REQUEST_OPLOCK_LEVEL_2"
  307. "2:59:31.7369964 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  308. "2:59:31.7370740 AM","svchost.exe","3436","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Random Access, Open No Recall, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  309. "2:59:31.7371674 AM","svchost.exe","3436","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  310. "2:59:31.7372059 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/7/2011 2:59:31 AM, FileAttributes: A"
  311. "2:59:31.7372186 AM","svchost.exe","3436","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,510, NumberOfLinks: 1, DeletePending: False, Directory: False"
  312. "2:59:31.7372329 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  313. "2:59:31.7375280 AM","svchost.exe","3436","QueryBasicInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/7/2011 2:59:31 AM, FileAttributes: A"
  314. "2:59:31.7375332 AM","svchost.exe","996","NotifyChangeDirectory","C:\Windows\System32\drivers\etc","","Filter: FILE_NOTIFY_CHANGE_FILE_NAME, FILE_NOTIFY_CHANGE_DIR_NAME"
  315. "2:59:31.7375540 AM","svchost.exe","3436","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,510, Priority: Normal"
  316. "2:59:31.7380002 AM","svchost.exe","3436","QueryStreamInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  317. "2:59:31.7380207 AM","svchost.exe","3436","QueryEAFile","C:\Windows\System32\drivers\etc\hosts","0xC0000052",""
  318. "2:59:31.7380368 AM","svchost.exe","3436","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  319. "2:59:32.4296437 AM","svchost.exe","996","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  320. "2:59:32.4300127 AM","svchost.exe","996","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  321. "2:59:32.4300670 AM","svchost.exe","996","ReadFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Offset: 0, Length: 1,510, Priority: Normal"
  322. "2:59:32.4305917 AM","svchost.exe","996","ReadFile","C:\Windows\System32\drivers\etc\hosts","END OF FILE","Offset: 1,510, Length: 4,096, Priority: Normal"
  323. "2:59:32.4306053 AM","svchost.exe","996","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  324. "4:13:09.1409155 AM","AvastSvc.exe","1376","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  325. "4:13:09.1409515 AM","AvastSvc.exe","1376","QueryNameInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Name: \Windows\System32\drivers\etc\hosts"
  326. "4:13:09.1409726 AM","AvastSvc.exe","1376","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  327. "6:19:41.4340205 AM","notepad.exe","1508","CreateFile","C:\Windows\System32\drivers\etc","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  328. "6:19:41.4341769 AM","notepad.exe","1508","QueryDirectory","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Filter: hosts, 1: hosts"
  329. "6:19:41.4342023 AM","notepad.exe","1508","CloseFile","C:\Windows\System32\drivers\etc","SUCCESS",""
  330. "6:19:41.4342811 AM","notepad.exe","1508","CreateFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Write, AllocationSize: n/a, OpenResult: Opened"
  331. "6:19:41.4344834 AM","notepad.exe","1508","FileSystemControl","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Control: FSCTL_READ_FILE_USN_DATA"
  332. "6:19:41.4345306 AM","notepad.exe","1508","QueryInformationVolume","C:\Windows\System32\drivers\etc\hosts","SUCCESS","VolumeCreationTime: 6/23/2011 2:09:50 AM, VolumeSerialNumber: 6658-9ECD, SupportsObjects: True, VolumeLabel: SSD"
  333. "6:19:41.4345452 AM","notepad.exe","1508","QueryAllInformationFile","C:\Windows\System32\drivers\etc\hosts","BUFFER OVERFLOW","CreationTime: 7/13/2009 7:34:48 PM, LastAccessTime: 7/13/2009 7:34:48 PM, LastWriteTime: 9/6/2011 12:01:23 PM, ChangeTime: 9/7/2011 2:59:31 AM, FileAttributes: A, AllocationSize: 4,096, EndOfFile: 1,510, NumberOfLinks: 1, DeletePending: False, Directory: False, IndexNumber: 0x1000000006c0a, EaSize: 0, Access: Generic Read, Position: 0, Mode: Synchronous IO Non-Alert, AlignmentRequirement: Word"
  334. "6:19:41.4345858 AM","notepad.exe","1508","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","FILE LOCKED WITH ONLY READERS","SyncType: SyncTypeCreateSection, PageProtection: "
  335. "6:19:41.4345948 AM","notepad.exe","1508","QueryStandardInformationFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS","AllocationSize: 4,096, EndOfFile: 1,510, NumberOfLinks: 1, DeletePending: False, Directory: False"
  336. "6:19:41.4346141 AM","notepad.exe","1508","CreateFileMapping","C:\Windows\System32\drivers\etc\hosts","SUCCESS","SyncType: SyncTypeOther"
  337. "6:19:41.4346312 AM","notepad.exe","1508","CloseFile","C:\Windows\System32\drivers\etc\hosts","SUCCESS",""
  338. "6:19:41.4347941 AM","notepad.exe","1508","CreateFile","C:\Windows\System32\drivers\etc","SUCCESS","Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened"
  339. "6:19:41.4348217 AM","notepad.exe","1508","QueryDirectory","C:\Windows\System32\drivers\etc\hosts","SUCCESS","Filter: hosts, 1: hosts"
  340. "6:19:41.4407158 AM","notepad.exe","1508","CloseFile","C:\Windows\System32\drivers\etc","SUCCESS",""