1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Solved Trojan found on my Room pc.

Discussion in 'Malware and Virus Removal Archive' started by Forsaken Knight, 2011/01/07.

Page 1 of 3
  1. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    [Resolved] Trojan found on my Room pc.

    Hello, I am Forsaken Knight. I am starting this thread to resolve the issue of any problems that I can not see or find on my Room PC. I recently found a trojan on my Room PC during an Avast full scan. this occured about three weeks ago. At that time, the only pc that showed problems at first was my grand parents pc. The next day, my pc started to act weird, and that is when the issues for my pc popped up. You can find a more detailed explaination on the original topic that I started for all three pc's.

    http://www.windowsbbs.com/general-s...-system-tool-2011-found-1-pcs.html#post548086

    Any help in dealing with this problem would be greatly appreciated. I look forward to resolving this issue.
     
    Forsaken Knight,
    #1
  2. 2011/01/07
    Admin.

    Admin. Administrator Administrator Staff

    Joined:
    2001/12/30
    Messages:
    6,687
    Likes Received:
    107
    By now you should know what to post here to get any response....
     
    Admin.,
    #2


  3. to hide this advert.

  4. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Ok, I started my own topic concerning the specific pc, and its problem. I gave this threaded topic a sufficient title. I gave a summary and a link to the original thread that has further elaborated detail on this specific topic. I have run avast full and quick scans; including boot time scans. Ad aware full and quick scans, Windows Defender quick and full scans, Spybot search and destroy scans, hijackthis scans, and another type of program that I forgot the name right now. Since the network freezes when I try to connect to the wireless network, I will have to use my flash drive to get the scans and screen shots I took when I ran scans when the problems first popped up. I'll get those files soon. I understand and commence the actions that will be told to me in order to make sure that this thread is resolved correctly. I have avast free antivirus on my room pc. I'll have to download TFC, malewarebytes, GMER, MBR Check, and DDS onto my laptop and transfer those exe files onto my flash drive in order to get them on my room pc.

    I will do that today, so, that post will be put up later on today.
     
    Forsaken Knight,
    #3
  5. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Forsaken Knight,
    #4
  6. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 5363

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 7.0.5730.13

    1/7/2011 10:00:20 PM
    mbam-log-2011-01-07 (22-00-20).txt

    Scan type: Quick scan
    Objects scanned: 185815
    Time elapsed: 12 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 1
    Registry Data Items Infected: 2
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    d:\documents and settings\nelson ramon arucas\favorites\free **** videos & pussy movies- sex videos, porno, **** tube, xxx and pussy ****..url (Rogue.Link) -> Quarantined and deleted successfully.
     
    Forsaken Knight,
    #5
  7. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    GMER 1.0.15.15530 - http://www.gmer.net
    Rootkit scan 2011-01-08 00:12:09
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4 SAMSUNG_SV0602H rev.RH100-09
    Running: 3m0usn3y.exe; Driver: D:\DOCUME~1\NELSON~1\LOCALS~1\Temp\kwecyfod.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB5ACC6B8]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwConnectPort [0xB5C01040]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateFile [0xB5BFD930]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB5ACC574]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreatePort [0xB5C01510]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcess [0xB5C07870]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateProcessEx [0xB5C07AA0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateSection [0xB5C0AFD0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwCreateWaitablePort [0xB5C01600]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteFile [0xB5BFDF20]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDeleteKey [0xB5C096E0]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB5ACCA52]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwDuplicateObject [0xB5C07580]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwLoadKey [0xB5C098B0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenFile [0xB5BFDD70]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB5ACC64E]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenProcess [0xB5C07350]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwOpenThread [0xB5C07150]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB5ACC76E]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRenameKey [0xB5C0A250]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwReplaceKey [0xB5C09CB0]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwRequestWaitReplyPort [0xB5C00C00]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB5ACC72E]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSecureConnectPort [0xB5C01220]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwSetInformationFile [0xB5BFE120]
    SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB5ACC8AE]
    SSDT \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC) ZwTerminateProcess [0xB5C07CD0]

    Code BAEFAC9C ZwRequestPort
    Code BAEFAD3C ZwRequestWaitReplyPort
    Code BAEFABFC ZwTraceEvent
    Code BAEFAC9B NtRequestPort
    Code BAEFAD3B NtRequestWaitReplyPort
    Code BAEFABFB NtTraceEvent

    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwCallbackReturn + 2C7C 80504518 12 Bytes [10, 15, C0, B5, 70, 78, C0, ...]
    .text ntkrnlpa.exe!NtTraceEvent 80535108 5 Bytes JMP BAEFAC00
    ? acccbyr.sys The system cannot find the file specified. !
    ? srescan.sys The system cannot find the file specified. !
    .text D:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8E1D360, 0x32DEFD, 0xE8000020]
    .text win32k.sys!EngAcquireSemaphore + 20E2 BF8082D1 5 Bytes JMP BAEFA480
    .text win32k.sys!EngFreeUserMem + 5BD2 BF80EE58 5 Bytes JMP BAEFA3E0
    .text win32k.sys!BRUSHOBJ_pvAllocRbrush + 322E BF81E750 5 Bytes JMP BAEFAA20
    .text win32k.sys!EngSetLastError + 763E BF828650 5 Bytes JMP BAEFA5C0
    .text win32k.sys!EngLockSurface + 148C BF834F6F 5 Bytes JMP BAEFA700
    .text win32k.sys!EngCreateBitmap + D9A0 BF84582C 5 Bytes JMP BAEFA660
    .text win32k.sys!EngMultiByteToWideChar + 2F22 BF85277C 5 Bytes JMP BAEFA8E0
    .text win32k.sys!EngGradientFill + 5100 BF8B3C90 1 Byte [E9]
    .text win32k.sys!EngGradientFill + 5100 BF8B3C90 5 Bytes JMP BAEFA520
    .text win32k.sys!EngAlphaBlend + 9285 BF8C3136 5 Bytes JMP BAEFA7A0
    .text win32k.sys!PATHOBJ_vGetBounds + 74E1 BF8F004B 5 Bytes JMP BAEFA980
    .text win32k.sys!EngCreateClip + 19C1 BF912991 5 Bytes JMP BAEFAAC0
    .text win32k.sys!EngCreateClip + 1F51 BF912F21 5 Bytes JMP BAEFAB60
    .text win32k.sys!EngCreateClip + 2597 BF913567 5 Bytes JMP BAEFA840
    init D:\WINDOWS\System32\Drivers\PEDRV.SYS entry point in "init" section [0xB4E43E00]

    ---- User code sections - GMER 1.0.15 ----

    .text D:\Program Files\Xfire\xfire.exe[220] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 04122D09 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] kernel32.dll!CreateThread 7C8106D7 5 Bytes JMP 041226AD D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] GDI32.dll!BitBlt 77F16F79 5 Bytes JMP 04122125 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!ReleaseDC 7E41869D 5 Bytes JMP 0412208A D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!GetDC 7E4186C7 5 Bytes JMP 04121FF6 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!CreateDialogParamW 7E41EA3B 5 Bytes JMP 041227F8 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!SetForegroundWindow 7E4242ED 5 Bytes JMP 04122946 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 04122754 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!InvalidateRect 7E428FD5 5 Bytes JMP 0412226D D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!BeginPaint 7E428FE9 5 Bytes JMP 04121F62 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 04122441 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 041224D9 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!RedrawWindow 7E429944 5 Bytes JMP 04122574 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!SetWindowPos 7E4299F3 5 Bytes JMP 0412289C D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!IsWindowVisible 7E429E3D 7 Bytes JMP 04122A97 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!SetFocus 7E42B112 5 Bytes JMP 041221D5 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!SetCapture 7E42C35E 5 Bytes JMP 041223A9 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!InvalidateRgn 7E42CDFE 5 Bytes JMP 0412230B D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 041229DE D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!RegisterClassA 7E42EA5E 5 Bytes JMP 04122615 D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)
    .text D:\Program Files\Xfire\xfire.exe[220] USER32.dll!TrackPopupMenu 7E46531E 5 Bytes JMP 04122C5F D:\Program Files\Xfire\xfire_toucan_43094.dll (Xfire Toucan DLL/Xfire Inc.)

    ---- Kernel IAT/EAT - GMER 1.0.15 ----

    IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] [B5C05E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] [B5C05E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\psched.sys[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] [B5C05E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] [B5C05E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\wanarp.sys[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] [B5C05CA0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] [B5C05E10] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisCloseAdapter] [B5C06320] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)
    IAT \SystemRoot\system32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisOpenAdapter] [B5C061C0] \SystemRoot\System32\vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[628] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
     
    Forsaken Knight,
    #6
  8. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\winlogon.exe[920] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\services.exe[964] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1128] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
     
    Forsaken Knight,
    #7
  9. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1196] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [10010380] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\System32\svchost.exe[1292] @ D:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
     
    Forsaken Knight,
    #8
  10. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    IAT D:\WINDOWS\system32\svchost.exe[1344] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602441] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602441] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA] [6360208F] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [636015C8] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AE9] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [6360208F] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [63602065] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe[1364] @ D:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] D:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1456] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [10010380] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\Explorer.EXE[1704] @ D:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
     
    Forsaken Knight,
    #9
  11. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [10010380] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ d:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
    IAT D:\WINDOWS\system32\svchost.exe[1960] @ D:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] D:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

    Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

    Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

    Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

    Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

    Device \Driver\Tcpip \Device\IPMULTICAST vsdatant.sys (TrueVector Device Driver/Zone Labs, LLC)

    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

    ---- EOF - GMER 1.0.15 ----
     
    Forsaken Knight,
    #10
  12. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Yeah, I know, the GMER post was stretched to like 5 posts. Took long enough to do the scan. Now you know why, among many, of the things that kept me from posting earlier.
     
    Forsaken Knight,
    #11
  13. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    MBRCheck, version 1.2.3
    (c) 2010, AD

    Command-line:
    Windows Version: Windows XP Professional
    Windows Information: Service Pack 3 (build 2600)
    Logical Drives Mask: 0x0000001d

    Kernel Drivers (total 142):
    0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
    0x806E4000 \WINDOWS\system32\hal.dll
    0xBADA8000 \WINDOWS\system32\KDCOM.DLL
    0xBACB8000 \WINDOWS\system32\BOOTVID.dll
    0xBA8A8000 acccbyr.sys
    0xBA779000 ACPI.sys
    0xBADAA000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
    0xBA768000 pci.sys
    0xBA8B8000 isapnp.sys
    0xBAE70000 pciide.sys
    0xBAB28000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
    0xBA8C8000 MountMgr.sys
    0xBA749000 ftdisk.sys
    0xBADAC000 dmload.sys
    0xBA723000 dmio.sys
    0xBAB30000 PartMgr.sys
    0xBA8D8000 VolSnap.sys
    0xBA70B000 atapi.sys
    0xBA6F1000 nvata.sys
    0xBA8E8000 disk.sys
    0xBA8F8000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
    0xBA6D1000 fltmgr.sys
    0xBA6BF000 sr.sys
    0xBA908000 PxHelp20.sys
    0xBA6A8000 KSecDD.sys
    0xBA61B000 Ntfs.sys
    0xBA5EE000 NDIS.sys
    0xBA5DA000 srescan.sys
    0xBA5C0000 Mup.sys
    0xBA978000 \SystemRoot\system32\DRIVERS\AmdK8.sys
    0xBA988000 \SystemRoot\system32\DRIVERS\serial.sys
    0xBAD6C000 \SystemRoot\system32\DRIVERS\serenum.sys
    0xBABE8000 \SystemRoot\system32\DRIVERS\fdc.sys
    0xB9550000 \SystemRoot\system32\DRIVERS\parport.sys
    0xBA998000 \SystemRoot\system32\DRIVERS\i8042prt.sys
    0xBABF0000 \SystemRoot\system32\DRIVERS\kbdclass.sys
    0xBABF8000 \SystemRoot\system32\DRIVERS\mouclass.sys
    0xBAC00000 \SystemRoot\system32\DRIVERS\usbohci.sys
    0xB952C000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
    0xBAC08000 \SystemRoot\system32\DRIVERS\usbehci.sys
    0xB9504000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
    0xBA9A8000 \SystemRoot\system32\DRIVERS\imapi.sys
    0xBA9B8000 \SystemRoot\System32\Drivers\AFS2K.SYS
    0xBA9C8000 \SystemRoot\system32\DRIVERS\cdrom.sys
    0xBA9D8000 \SystemRoot\system32\DRIVERS\redbook.sys
    0xB94E1000 \SystemRoot\system32\DRIVERS\ks.sys
    0xBAD70000 \SystemRoot\System32\Drivers\GEARAspiWDM.sys
    0xBA9E8000 \SystemRoot\system32\DRIVERS\nvnetbus.sys
    0xB93F7000 \SystemRoot\system32\DRIVERS\NVNRM.SYS
    0xB8E1D000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
    0xB8E09000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
    0xBA9F8000 \SystemRoot\system32\DRIVERS\jswscimd.sys
    0xB8DE0000 \SystemRoot\system32\drivers\windrvr6.sys
    0xBADD0000 \SystemRoot\system32\drivers\USBD.SYS
    0xBAF72000 \SystemRoot\system32\DRIVERS\audstub.sys
    0xB95F4000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
    0xBAD7C000 \SystemRoot\system32\DRIVERS\ndistapi.sys
    0xB8DC9000 \SystemRoot\system32\DRIVERS\ndiswan.sys
    0xB95E4000 \SystemRoot\system32\DRIVERS\raspppoe.sys
    0xB95D4000 \SystemRoot\system32\DRIVERS\raspptp.sys
    0xBAC10000 \SystemRoot\system32\DRIVERS\TDI.SYS
    0xB8DB8000 \SystemRoot\system32\DRIVERS\psched.sys
    0xB95C4000 \SystemRoot\system32\DRIVERS\msgpc.sys
    0xBAC18000 \SystemRoot\system32\DRIVERS\ptilink.sys
    0xBAC20000 \SystemRoot\system32\DRIVERS\raspti.sys
    0xB8D88000 \SystemRoot\system32\DRIVERS\rdpdr.sys
    0xB95B4000 \SystemRoot\system32\DRIVERS\termdd.sys
    0xB95A4000 \SystemRoot\system32\drivers\SaiBus.sys
    0xBADD2000 \SystemRoot\system32\DRIVERS\swenum.sys
    0xB8D2A000 \SystemRoot\system32\DRIVERS\update.sys
    0xBAD94000 \SystemRoot\system32\DRIVERS\mssmbios.sys
    0xB9594000 \SystemRoot\system32\DRIVERS\wsimd.sys
    0xB9584000 \SystemRoot\System32\Drivers\NDProxy.SYS
    0xBA58C000 \SystemRoot\system32\DRIVERS\SaiMini.sys
    0xB9574000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
    0xBAC28000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
    0xBA588000 \SystemRoot\system32\DRIVERS\kbdhid.sys
    0xBA584000 \SystemRoot\system32\DRIVERS\mouhid.sys
    0xB9564000 \SystemRoot\system32\DRIVERS\usbhub.sys
    0xBAA68000 \SystemRoot\system32\DRIVERS\NVENETFD.sys
    0xB6292000 \SystemRoot\system32\drivers\RtkHDAud.sys
    0xB626E000 \SystemRoot\system32\drivers\portcls.sys
    0xBAA88000 \SystemRoot\system32\drivers\drmk.sys
    0xBAC38000 \SystemRoot\system32\DRIVERS\flpydisk.sys
    0xB6129000 \SystemRoot\system32\DRIVERS\klif.sys
    0xBADD6000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
    0xBAEB7000 \SystemRoot\System32\Drivers\Null.SYS
    0xBADD8000 \SystemRoot\System32\Drivers\Beep.SYS
    0xBAC48000 \SystemRoot\System32\drivers\vga.sys
    0xBADDA000 \SystemRoot\System32\Drivers\mnmdd.SYS
    0xBADDC000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
    0xBAC50000 \SystemRoot\System32\Drivers\Msfs.SYS
    0xBAC58000 \SystemRoot\System32\Drivers\Npfs.SYS
    0xBAD5C000 \SystemRoot\system32\DRIVERS\rasacd.sys
    0xB60F6000 \SystemRoot\system32\DRIVERS\ipsec.sys
    0xBAC60000 \SystemRoot\system32\DRIVERS\SaiU5F0D.sys
    0xB5D84000 \SystemRoot\system32\DRIVERS\tcpip.sys
    0xBAD64000 \SystemRoot\system32\DRIVERS\hidusb.sys
    0xBAAB8000 \SystemRoot\System32\Drivers\aswTdi.SYS
    0xBAC68000 \SystemRoot\system32\DRIVERS\usbccgp.sys
    0xB5C56000 \SystemRoot\system32\DRIVERS\ipnat.sys
    0xBAAC8000 \SystemRoot\system32\DRIVERS\wanarp.sys
    0xB5C2E000 \SystemRoot\system32\DRIVERS\netbt.sys
    0xB5BCE000 \SystemRoot\System32\vsdatant.sys
    0xB5BAC000 \SystemRoot\System32\drivers\afd.sys
    0xB5B80000 \SystemRoot\system32\DRIVERS\SaiH5F0D.sys
    0xBAAD8000 \SystemRoot\system32\DRIVERS\netbios.sys
    0xB5B55000 \SystemRoot\system32\DRIVERS\rdbss.sys
    0xB5AE5000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
    0xBAAF8000 \SystemRoot\System32\Drivers\Fips.SYS
    0xB5AC4000 \SystemRoot\System32\Drivers\aswSP.SYS
    0xBAB08000 \SystemRoot\system32\drivers\LVUSBSta.sys
    0xB59BF000 \SystemRoot\system32\DRIVERS\Camdrl.sys
    0xBAB18000 \SystemRoot\system32\drivers\usbaudio.sys
    0xBAC70000 \SystemRoot\System32\Drivers\Aavmker4.SYS
    0xB599B000 \SystemRoot\System32\Drivers\Fastfat.SYS
    0xB5983000 \SystemRoot\System32\Drivers\dump_atapi.sys
    0xBADE0000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
    0xBF800000 \SystemRoot\System32\win32k.sys
    0xB6180000 \SystemRoot\System32\drivers\Dxapi.sys
    0xBAC80000 \SystemRoot\System32\watchdog.sys
    0xBF9C3000 \SystemRoot\System32\drivers\dxg.sys
    0xBAFC4000 \SystemRoot\System32\drivers\dxgthk.sys
    0xBF9D5000 \SystemRoot\System32\nv4_disp.dll
    0xBAC88000 \SystemRoot\system32\DRIVERS\aswFsBlk.sys
    0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
    0xB567A000 \SystemRoot\system32\DRIVERS\fssfltr_tdi.sys
    0xB52EE000 \SystemRoot\system32\DRIVERS\ndisuio.sys
    0xB4EA5000 \SystemRoot\system32\DRIVERS\mrxdav.sys
    0xBAF0E000 \SystemRoot\System32\Drivers\GIVEIO.SYS
    0xBAE5E000 \SystemRoot\System32\Drivers\ParVdm.SYS
    0xB4E67000 \SystemRoot\System32\Drivers\aswMon2.SYS
    0xB4CFD000 \SystemRoot\system32\DRIVERS\srv.sys
    0xB4E43000 \SystemRoot\System32\Drivers\PEDRV.SYS
    0xB4BC6000 \??\D:\Program Files\Sandboxie\SbieDrv.sys
    0xB4A99000 \SystemRoot\system32\drivers\wdmaud.sys
    0xB4C5D000 \SystemRoot\system32\drivers\sysaudio.sys
    0xB4779000 \SystemRoot\System32\Drivers\aswRdr.SYS
    0xB4F1A000 \SystemRoot\System32\Drivers\Cdfs.SYS
    0xB3468000 \??\D:\DOCUME~1\NELSON~1\LOCALS~1\Temp\kwecyfod.sys
    0xB343D000 \SystemRoot\system32\drivers\kmixer.sys
    0x7C900000 \WINDOWS\system32\ntdll.dll

    Processes (total 58):
    0 System Idle Process
    4 System
    836 D:\WINDOWS\system32\smss.exe
    896 csrss.exe
    920 D:\WINDOWS\system32\winlogon.exe
    964 D:\WINDOWS\system32\services.exe
    976 D:\WINDOWS\system32\lsass.exe
    1128 D:\WINDOWS\system32\svchost.exe
    1196 svchost.exe
    1252 D:\Program Files\Windows Defender\MsMpEng.exe
    1292 D:\WINDOWS\system32\svchost.exe
    1344 svchost.exe
    1456 svchost.exe
    1704 D:\WINDOWS\explorer.exe
    1724 D:\WINDOWS\system32\ctfmon.exe
    1788 D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    1856 D:\WINDOWS\system32\spoolsv.exe
    1904 D:\WINDOWS\system32\acs.exe
    1960 svchost.exe
    1992 D:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    2024 D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    168 D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    208 D:\Program Files\Alwil Software\Avast4\ashServ.exe
    252 D:\Program Files\Bonjour\mDNSResponder.exe
    292 D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
    360 D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    408 D:\WINDOWS\system32\nvsvc32.exe
    448 D:\Program Files\Sandboxie\SbieSvc.exe
    300 D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    628 D:\WINDOWS\system32\svchost.exe
    680 wdfmgr.exe
    728 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    1616 D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    2200 D:\WINDOWS\system32\wscntfy.exe
    2712 alg.exe
    2876 D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    2924 D:\Program Files\iTunes\iTunesHelper.exe
    3032 D:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
    3820 D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    3868 D:\Program Files\iPod\bin\iPodService.exe
    3876 D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    4000 D:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
    4012 D:\Program Files\Sandboxie\SbieCtrl.exe
    4068 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    700 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    1364 D:\PROGRA~1\Yahoo!\MESSEN~1\Ymsgr_tray.exe
    968 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
    2204 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    2268 D:\Program Files\Saitek\Software\ProfilerU.exe
    2364 D:\Program Files\NETGEAR\WN111v2\WN111V2.exe
    2224 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
    2588 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe
    2592 D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    220 D:\Program Files\Xfire\xfire.exe
    3216 D:\Program Files\OpenOffice.org 3\program\soffice.exe
    3304 D:\Program Files\OpenOffice.org 3\program\soffice.bin
    3580 D:\WINDOWS\system32\ZoneLabs\vsmon.exe
    3300 D:\Documents and Settings\Nelson Ramon Arucas\Desktop\Exe files downloaded onto flash drive from windows bbs web site\MBRCheck.exe

    \\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (FAT32)
    \\.\D: --> \\.\PhysicalDrive0 at offset 0x00000001`4589ae00 (NTFS)

    PhysicalDrive0 Model Number: SAMSUNGSV0602H, Rev: RH100-09

    Size Device Name MBR Status
    --------------------------------------------
    55 GB \\.\PhysicalDrive0 Windows XP MBR code detected
    SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


    Done!
     
    Forsaken Knight,
    #12
  14. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    DDS (Ver_10-12-12.02) - NTFSx86
    Run by Nelson Ramon Arucas at 0:13:44.81 on Sat 01/08/2011
    Internet Explorer: 7.0.5730.13
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1007 [GMT -5:00]

    AV: avast! antivirus 4.8.1368 [VPS 101226-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: ZoneAlarm Firewall *Enabled*

    ============== Running Processes ===============

    D:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    D:\Program Files\Windows Defender\MsMpEng.exe
    D:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\WINDOWS\system32\acs.exe
    svchost.exe
    D:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    D:\Program Files\Alwil Software\Avast4\ashServ.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
    D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    D:\WINDOWS\system32\nvsvc32.exe
    D:\Program Files\Sandboxie\SbieSvc.exe
    D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    D:\WINDOWS\system32\svchost.exe -k imgsvc
    D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    D:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    D:\WINDOWS\system32\wscntfy.exe
    D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Windows Live\Messenger\msnmsgr.exe
    D:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
    D:\Program Files\Sandboxie\SbieCtrl.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    D:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    D:\Program Files\Saitek\Software\ProfilerU.exe
    D:\Program Files\NETGEAR\WN111v2\WN111V2.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
    D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    D:\Program Files\Xfire\xfire.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.exe
    D:\Program Files\OpenOffice.org 3\program\soffice.bin
    D:\WINDOWS\system32\ZoneLabs\vsmon.exe
    D:\Documents and Settings\Nelson Ramon Arucas\Desktop\Exe files downloaded onto flash drive from windows bbs web site\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.comcast.net/
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\program files\spybot - search & destroy\SDHelper.dll
    BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - d:\program files\yahoo!\common\yiesrvc.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\program files\java\jre1.6.0_07\bin\ssv.dll
    BHO: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - d:\program files\comcasttb\comcastdx.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - d:\program files\google\googletoolbar2.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll
    TB: Yahoo! ¤u¨Ã£¦C: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\progra~1\yahoo!\companion\installs\cpn\yt.dll
    TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - d:\program files\google\googletoolbar2.dll
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll
    TB: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - d:\program files\comcasttb\comcastdx.dll
    EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - d:\windows\system32\Shdocvw.dll
    uRun: [Yahoo! Pager] "d:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet
    uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe
    uRun: [WebCamRT.exe]
    uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
    uRun: [msnmsgr] "d:\program files\windows live\messenger\msnmsgr.exe" /background
    uRun: [ComcastAntispyClient] "d:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
    uRun: [SandboxieControl] "d:\program files\sandboxie\SbieCtrl.exe "
    uRun: [LDM] d:\program files\logitech\desktop messenger\8876480\program\BackWeb-8876480.exe
    mRun: [avast!] d:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
    mRun: [iTunesHelper] "d:\program files\itunes\iTunesHelper.exe "
    mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
    mRun: [HP Software Update] d:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
    mRun: [jswtrayutil] "d:\program files\netgear\wn111v2\jswtrayutil.exe "
    dRun: [DWQueuedReporting] "d:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    dRunOnce: [WUAppSetup] d:\program files\common files\logishrd\WUApp32.exe -v 0x046d -p 0x08b2 -f video -m logitech -d 10.5.1.2023
    StartupFolder: d:\docume~1\nelson~1\startm~1\programs\startup\openof~1.lnk - d:\program files\openoffice.org 3\program\quickstart.exe
    StartupFolder: d:\docume~1\nelson~1\startm~1\programs\startup\xfire.lnk - d:\program files\xfire\xfire.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - d:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - d:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\hppsc2~1.lnk - d:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\itunes.lnk - d:\windows\installer\{ef6c4600-306d-4f6a-a119-c2a877d25b4a}\iTunesIco.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\launch~1.lnk - d:\program files\saitek\software\ProfilerU.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - d:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - d:\program files\netgear\wn111v2\WN111V2.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\office~1.lnk - d:\program files\hewlett-packard\digital imaging\bin\hposol08.exe
    StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\zoneal~1.lnk - d:\program files\zone labs\zonealarm\zlclient.exe
    uPolicies-explorer: NoInstrumentation = 1 (0x1)
    dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    dPolicies-explorer: NoInstrumentation = 1 (0x1)
    IE: E&xport to Microsoft Excel - d:\progra~1\micros~1\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - d:\program files\java\jre1.6.0_07\bin\ssv.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - d:\program files\yahoo!\common\yiesrvc.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~1\office11\REFIEBAR.DLL
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - d:\windows\system32\Shdocvw.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\program files\spybot - search & destroy\SDHelper.dll
    Trusted Zone: com.tw\asia.msi
    Trusted Zone: com.tw\global.msi
    Trusted Zone: com.tw\www.msi
    DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/E/3/9/E39C664F-A8E3-4F69-A109-1AE9849204EE/OGAControl.cab
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} - hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - d:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
    DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1272133539471
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1272133528581
    DPF: {88D969C0-F192-11D4-A65F-0040963251E5} - hxxp://ipgweb.cce.hp.com/rdqaio2/downloads/msxml4.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - d:\progra~1\wifd1f~1\MpShHook.dll

    ============= SERVICES / DRIVERS ===============

    R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [2008-4-15 114768]
    R1 KLIF;KLIF;d:\windows\system32\drivers\klif.sys [2008-4-3 127768]
    R1 vsdatant;vsdatant;d:\windows\system32\vsdatant.sys [2008-4-3 394952]
    R2 aawservice;Lavasoft Ad-Aware Service;d:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664]
    R2 AntiSpywareService;Comcast AntiSpyware;d:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
    R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2008-4-15 20560]
    R2 avast! Antivirus;avast! Antivirus;d:\program files\alwil software\avast4\ashServ.exe [2008-4-14 138680]
    R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-22 54752]
    R2 PEDRV;P&E Microcomputer System PCI Driver.;d:\windows\system32\drivers\pedrv.sys [2000-8-3 23296]
    R2 vsmon;TrueVector Internet Monitor;d:\windows\system32\zonelabs\vsmon.exe -service --> d:\windows\system32\zonelabs\vsmon.exe -service [?]
    R2 WinDefend;Windows Defender;d:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R3 JSWSCIMD;jswscimd Service;d:\windows\system32\drivers\jswscimd.sys [2008-10-1 57440]
    R3 SaiH5F0D;SaiH5F0D;d:\windows\system32\drivers\SaiH5F0D.sys [2008-4-4 176640]
    R3 SaiU5F0D;SaiU5F0D;d:\windows\system32\drivers\SaiU5F0D.sys [2008-4-4 27264]
    R3 SbieDrv;SbieDrv;d:\program files\sandboxie\SbieDrv.sys [2010-7-4 119016]
    S3 avast! Mail Scanner;avast! Mail Scanner;d:\program files\alwil software\avast4\ashMaiSv.exe [2008-4-14 254040]
    S3 avast! Web Scanner;avast! Web Scanner;d:\program files\alwil software\avast4\ashWebSv.exe [2008-4-14 352920]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;d:\windows\system32\DNINDIS5.sys [2003-7-24 17149]
    S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;d:\program files\netgear\wn111v2\jswpsapi.exe [2008-2-27 360547]
    S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;d:\windows\system32\drivers\WN111v2.sys [2009-1-14 458752]

    =============== Created Last 30 ================

    2011-01-08 02:38:00 -------- d-----w- d:\docume~1\nelson~1\applic~1\Malwarebytes
    2011-01-08 02:37:36 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-08 02:37:35 -------- d-----w- d:\docume~1\alluse~1\applic~1\Malwarebytes
    2011-01-08 02:37:30 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
    2011-01-08 02:37:30 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
    2010-12-27 21:16:19 57408 ----a-w- d:\windows\system32\drivers\wsimd.sys
    2010-12-24 06:53:17 6273872 ----a-w- d:\docume~1\alluse~1\applic~1\microsoft\windows defender\definition updates\{2d7ea1e5-cf4d-4ec9-9dd8-a14783709289}\mpengine.dll

    ==================== Find3M ====================

    2010-10-19 15:41:44 222080 ------w- d:\windows\system32\MpSigStub.exe
    2004-09-11 01:18:54 5923328 ------r- d:\program files\PRO11.MSI
    2004-09-11 01:18:18 604672 ------r- d:\program files\OWC11.MSI
    2004-09-11 01:18:18 560128 ------r- d:\program files\OWC10.MSI
    2004-09-11 01:17:52 416824 ------r- d:\program files\SETUP.EXE

    ============= FINISH: 0:14:33.79 ===============
     
    Forsaken Knight,
    #13
  15. 2011/01/07
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_10-12-12.02)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 4/3/2008 8:55:25 AM
    System Uptime: 1/7/2011 10:06:59 PM (2 hours ago)

    Motherboard: MSI | | MS-7309
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+ | CPU 1 | 2109/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (FAT32) - 5 GiB total, 0.857 GiB free.
    D: is FIXED (NTFS) - 51 GiB total, 11.643 GiB free.
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP815: 10/2/2010 1:59:43 AM - Software Distribution Service 3.0
    RP816: 10/3/2010 10:44:42 AM - System Checkpoint
    RP817: 10/5/2010 2:24:49 AM - Software Distribution Service 3.0
    RP818: 10/6/2010 9:58:04 AM - System Checkpoint
    RP819: 10/8/2010 2:07:58 AM - Software Distribution Service 3.0
    RP820: 10/12/2010 2:01:44 AM - Software Distribution Service 3.0
    RP821: 10/13/2010 1:21:02 PM - System Checkpoint
    RP822: 10/15/2010 9:56:10 PM - System Checkpoint
    RP823: 10/16/2010 1:32:42 AM - Software Distribution Service 3.0
    RP824: 10/17/2010 7:37:59 PM - System Checkpoint
    RP825: 10/19/2010 2:21:05 AM - Software Distribution Service 3.0
    RP826: 10/20/2010 4:34:58 AM - System Checkpoint
    RP827: 10/22/2010 1:59:41 AM - Software Distribution Service 3.0
    RP828: 10/23/2010 7:53:31 AM - System Checkpoint
    RP829: 10/24/2010 9:30:24 AM - System Checkpoint
    RP830: 10/25/2010 9:31:02 AM - System Checkpoint
    RP831: 10/26/2010 2:12:55 AM - Software Distribution Service 3.0
    RP832: 10/27/2010 2:35:33 AM - System Checkpoint
    RP833: 10/28/2010 1:46:34 PM - System Checkpoint
    RP834: 10/29/2010 1:58:07 AM - Software Distribution Service 3.0
    RP835: 10/30/2010 9:10:38 AM - System Checkpoint
    RP836: 11/1/2010 2:57:59 AM - System Checkpoint
    RP837: 11/3/2010 1:26:06 AM - System Checkpoint
    RP838: 11/3/2010 1:46:54 AM - Software Distribution Service 3.0
    RP839: 11/4/2010 2:26:00 AM - Software Distribution Service 3.0
    RP840: 11/5/2010 1:42:54 AM - Software Distribution Service 3.0
    RP841: 11/10/2010 1:40:58 AM - Software Distribution Service 3.0
    RP842: 11/11/2010 10:08:37 PM - System Checkpoint
    RP843: 11/12/2010 1:53:58 AM - Software Distribution Service 3.0
    RP844: 11/13/2010 12:57:58 PM - System Checkpoint
    RP845: 11/15/2010 11:56:50 AM - System Checkpoint
    RP846: 11/16/2010 2:08:24 AM - Software Distribution Service 3.0
    RP847: 11/17/2010 2:18:59 AM - System Checkpoint
    RP848: 11/19/2010 1:59:08 AM - System Checkpoint
    RP849: 11/19/2010 2:02:29 AM - Software Distribution Service 3.0
    RP850: 11/23/2010 2:22:02 AM - Software Distribution Service 3.0
    RP851: 11/24/2010 3:45:36 AM - System Checkpoint
    RP852: 11/26/2010 1:52:55 AM - Software Distribution Service 3.0
    RP853: 11/30/2010 2:04:52 AM - Software Distribution Service 3.0
    RP854: 12/2/2010 11:59:47 AM - System Checkpoint
    RP855: 12/3/2010 2:05:45 AM - Software Distribution Service 3.0
    RP856: 12/5/2010 2:42:25 PM - System Checkpoint
    RP857: 12/7/2010 2:05:48 AM - Software Distribution Service 3.0
    RP858: 12/8/2010 2:54:35 AM - System Checkpoint
    RP859: 12/10/2010 2:22:31 AM - Software Distribution Service 3.0
    RP860: 12/11/2010 9:10:10 AM - System Checkpoint
    RP861: 12/12/2010 3:11:44 PM - System Checkpoint
    RP862: 12/14/2010 1:44:32 AM - Software Distribution Service 3.0
    RP863: 12/17/2010 1:32:17 AM - Software Distribution Service 3.0
    RP864: 12/18/2010 10:50:55 AM - System Checkpoint
    RP865: 12/19/2010 1:42:36 PM - System Checkpoint
    RP866: 12/21/2010 1:51:06 AM - Software Distribution Service 3.0
    RP867: 12/22/2010 1:51:13 PM - System Checkpoint
    RP868: 12/23/2010 1:57:21 PM - System Checkpoint
    RP869: 12/24/2010 1:52:40 AM - Software Distribution Service 3.0
    RP870: 12/25/2010 1:12:20 PM - System Checkpoint
    RP871: 12/26/2010 2:26:46 PM - System Checkpoint
    RP872: 12/27/2010 4:06:39 PM - Configured RangeMax Wireless-N USB Adapter WN111v2
    RP873: 12/27/2010 4:15:07 PM - Installed RangeMax Wireless-N USB Adapter WN111v2
    RP874: 12/28/2010 5:22:43 PM - System Checkpoint

    ==== Installed Programs ======================

    Ad-Aware
    Adobe Download Manager
    Adobe Flash Player 10 ActiveX
    Adobe Reader 7.0
    AiO_Scan_CDA
    AiOSoftwareNPI
    AirRivals 1.0.0.26
    Alpha Prime
    Apple Mobile Device Support
    Apple Software Update
    avast! Antivirus
    Bonjour
    BufferChm
    CA Pest Patrol Realtime Protection
    CodeWarrior Development Studio for S12(X) V5.0
    Comcast High-Speed Internet Install Wizard
    Comcast Toolbar 3.0
    Compatibility Pack for the 2007 Office system
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    Destinations
    DeviceManagementQFolder
    DFOLauncher
    DMI Browse
    DocProc
    eSupportQFolder
    F300
    F300_Help
    F300Trb
    Fax_CDA
    Google Toolbar for Internet Explorer
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    HP Driver Diagnostics
    HP Imaging Device Functions 6.1
    HP Photo and Imaging 1.0 - HP PSC - HP OfficeJet
    HP Photo and Imaging 1.0 - HP PSC - HP OfficeJet Drivers
    HP Photosmart Essential
    HP Print Diagnostic Utility
    HP PSC & OfficeJet 6.1.A
    HP Software Update
    HP Solution Center and Imaging Support Tools 6.1
    HPProductAssistant
    i-Speeder
    Icewind Dale
    ImgBurn
    InfoView
    iTunes
    Java(TM) 6 Update 5
    Java(TM) 6 Update 7
    Junk Mail filter update
    Logitech Desktop Messenger
    Logitech IM Video Companion
    Logitech ImageStudio
    Logitech Print Service
    Malwarebytes' Anti-Malware
    MGI PhotoSuite 4 (Remove Only)
    MGI VideoWave 4
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Professional Edition 2003
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Move Media Player
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MyScribe
    NewCopy_CDA
    NVIDIA DDS Utilities
    NVIDIA Drivers
    NVIDIA Photoshop Plug-ins
    OpenOffice.org 3.0
    Pando Media Booster
    Philips Firmware Manager
    ProductContextNPI
    QuickTime
    RangeMax Wireless-N USB Adapter WN111v2
    Readiris 7.5
    Readme
    RealPlayer 7 Basic
    Realtek High Definition Audio Driver
    Registry Mechanic 5.2
    Rhapsody Player Engine
    Saitek SST Programming Software
    Sandboxie 3.46
    Scan
    ScannerCopy
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Segoe UI
    SolutionCenter
    Spybot - Search & Destroy
    Status
    Steam
    TeamSpeak 3 Client
    Toolbox
    TrayApp
    Unload
    Unreal Anthology
    UnrealKeyChanger
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB973815)
    UT2004Mi v2.00
    Ventrilo Client
    WebFldrs XP
    WebReg
    Winamp
    Windows Defender
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
    Windows Driver Package - SofTec Microsystems (sft02) SofTecUSBDevices (02/07/2007 2.40.0.0)
    Windows Internet Explorer 7
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format Runtime
    Windows Media Player 10
    Windows XP Service Pack 3
    WinRAR archiver
    WMIinfo
    WN111v2
    Xfire (remove only)
    Xirrus Wi-Fi Inspector
    Yahoo! Browser Services
    Yahoo! Install Manager
    Yahoo! Internet Mail
    Yahoo! Messenger
    Yahoo! ¤u¨Ã£¦C
    ZoneAlarm
    ZoneAlarm Spy Blocker

    ==== Event Viewer Messages From Past Week ========

    1/7/2011 8:56:32 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:27 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
    1/7/2011 8:56:25 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:24 PM, error: Service Control Manager [7034] - The Sandboxie Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:24 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:24 PM, error: Service Control Manager [7034] - The CA Pest Patrol Realtime Protection Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:24 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:23 PM, error: Service Control Manager [7034] - The Comcast AntiSpyware service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:23 PM, error: Service Control Manager [7034] - The Atheros Configuration Service service terminated unexpectedly. It has done this 1 time(s).
    1/7/2011 8:56:23 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    1/7/2011 8:56:22 PM, error: Service Control Manager [7031] - The Windows Defender service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
    1/7/2011 8:56:22 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    1/7/2011 7:33:30 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TrueVector Internet Monitor service to connect.
    1/7/2011 7:33:30 PM, error: Service Control Manager [7000] - The TrueVector Internet Monitor service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    1/7/2011 7:32:25 PM, error: ParVdm [2] - Unable to get device object pointer for port object.
    1/7/2011 10:18:56 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.

    ==== End Of File ===========================
     
    Forsaken Knight,
    #14
  16. 2011/01/07
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===============================================================

    Please download ComboFix from [color= "Red"]Here[/color] or [color= "#FF0000"]Here[/color] to your Desktop.

    [color= "Blue"]**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**[/color]
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results ".
      • Click on [color= "Red"]this link[/color] to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
      • Close any open browsers.
      • [color= "Red"]WARNING:[/color] Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG users: ComboFix will not run until AVG is uninstalled as a protective measure against the anti-virus. This is because AVG "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results ". Since AVG cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion ", restart computer to fix the issue.



    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.

    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.

    There are 4 different versions. If one of them won't run then download and try to run the other one.

    Vista and Win7 users need to right click Rkill and choose Run as Administrator

    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    Rkill.com
    Rkill.scr
    Rkill.exe

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.

    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
     
    broni,
    #15
  17. 2011/01/08
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Hello broni, I've meantioned it in the initial post, but I can not log onto the net from my room pc. Therefore, thinking that I might use all or most of the programs you instructed me to use on my earlier threaded topic, I downloaded them onto a separete folder on my flash drive. I have not installed all of them as I do not know what will be needed of me; but the exe files are on my flash drive just so I do not have to download them later. Anyways, I will do as you have asked, and perform combofix as per your instructions. I look forward to receiving your help again in this specific matter.
     
    Forsaken Knight,
    #16
  18. 2011/01/08
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    Forsaken Knight,
    #17
  19. 2011/01/08
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    This log file is located at D:\rkill.log.
    Please post this only if requested to by the person helping you.
    Otherwise you can close this log when you wish.

    Rkill was run on 01/08/2011 at 13:49:56.
    Operating System: Microsoft Windows XP


    Processes terminated by Rkill or while it was running:



    Rkill completed on 01/08/2011 at 13:50:09.
     
    Forsaken Knight,
    #18
  20. 2011/01/08
    Forsaken Knight

    Forsaken Knight Well-Known Member Thread Starter

    Joined:
    2007/12/01
    Messages:
    512
    Likes Received:
    0
    ComboFix 11-01-07.01 - Nelson Ramon Arucas 01/08/2011 13:34:32.1.2 - x86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1791.1108 [GMT -5:00]
    Running from: d:\documents and settings\Nelson Ramon Arucas\Desktop\Exe files downloaded onto flash drive from windows bbs web site\ComboFix.exe
    AV: avast! antivirus 4.8.1368 [VPS 101226-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Autorun.inf
    d:\program files\\setup.exe
    d:\program files\autorun.inf
    d:\program files\Setup.exe
    d:\windows\Downloaded Program Files\ODCTOOLS

    .
    ((((((((((((((((((((((((( Files Created from 2010-12-08 to 2011-01-08 )))))))))))))))))))))))))))))))
    .

    2011-01-08 02:38 . 2011-01-08 02:38 -------- d-----w- d:\documents and settings\Nelson Ramon Arucas\Application Data\Malwarebytes
    2011-01-08 02:37 . 2010-12-20 23:09 38224 ----a-w- d:\windows\system32\drivers\mbamswissarmy.sys
    2011-01-08 02:37 . 2011-01-08 02:37 -------- d-----w- d:\documents and settings\All Users\Application Data\Malwarebytes
    2011-01-08 02:37 . 2011-01-08 02:37 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
    2011-01-08 02:37 . 2010-12-20 23:08 20952 ----a-w- d:\windows\system32\drivers\mbam.sys
    2010-12-27 21:16 . 2007-12-14 09:31 57408 ----a-w- d:\windows\system32\drivers\wsimd.sys
    2010-12-24 06:53 . 2010-11-10 04:33 6273872 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{2D7EA1E5-CF4D-4EC9-9DD8-A14783709289}\mpengine.dll

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-10 04:33 . 2008-04-03 19:33 6273872 ----a-w- d:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2010-10-19 15:41 . 2009-10-03 06:06 222080 ------w- d:\windows\system32\MpSigStub.exe
    2004-09-11 01:18 . 2004-09-11 01:18 5923328 ------r- d:\program files\PRO11.MSI
    2004-09-11 01:18 . 2004-09-11 01:18 604672 ------r- d:\program files\OWC11.MSI
    2004-09-11 01:18 . 2004-09-11 01:18 560128 ------r- d:\program files\OWC10.MSI
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer "= "d:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "msnmsgr "= "d:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
    "ComcastAntispyClient "= "d:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
    "SandboxieControl "= "d:\program files\Sandboxie\SbieCtrl.exe" [2010-07-04 398568]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "avast! "= "d:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
    "QuickTime Task "= "d:\program files\QuickTime\qttask.exe" [2008-05-27 413696]
    "iTunesHelper "= "d:\program files\iTunes\iTunesHelper.exe" [2008-07-10 289064]
    "NvCplDaemon "= "d:\windows\system32\NvCpl.dll" [2008-09-18 13574144]
    "HP Software Update "= "d:\program files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" [2005-12-15 49152]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "DWQueuedReporting "= "d:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_3 "= "advpack.dll" [2009-06-29 124928]
    "WUAppSetup "= "d:\program files\Common Files\logishrd\WUApp32.exe" [2007-02-03 430080]

    d:\documents and settings\Nelson Ramon Arucas\Start Menu\Programs\Startup\
    OpenOffice.org 3.0.lnk - d:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]
    Xfire.lnk - d:\program files\Xfire\xfire.exe [2010-7-9 3493776]

    d:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - d:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
    HP Digital Imaging Monitor.lnk - d:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]
    hp psc 2000 Series.lnk - d:\program files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2002-6-27 323646]
    iTunes.lnk - d:\windows\Installer\{EF6C4600-306D-4F6A-A119-C2A877D25B4A}\iTunesIco.exe [2008-7-13 102400]
    Launch Profile Launcher.lnk - d:\program files\Saitek\Software\ProfilerU.exe [2008-4-8 163840]
    Logitech Desktop Messenger.lnk - d:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-4-3 169472]
    NETGEAR WN111v2 Smart Wizard.lnk - d:\program files\NETGEAR\WN111v2\WN111V2.exe [2009-3-25 1503290]
    officejet 6100.lnk - d:\program files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2002-6-27 147456]
    ZoneAlarm Security.lnk - d:\program files\Zone Labs\ZoneAlarm\zlclient.exe [2008-4-3 919016]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel "= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
    "NoAutoUpdate "= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @= "Service "

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @= "Service "

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring "=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall "= 0 (0x0)
    "DisableUnicastResponsesToMulticastBroadcast "= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe "=
    "d:\\Program Files\\Bonjour\\mDNSResponder.exe "=
    "d:\\Program Files\\iTunes\\iTunes.exe "=
    "d:\\Program Files\\Steam\\steamapps\\common\\alpha prime\\AlphaPrime.exe "=
    "d:\program files\Gameforge4D\AirRivals\Launcher.atm "= d:\program files\Gameforge4D\AirRivals\Launcher.atm:Enabled:GameExe2
    "d:\program files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe "= d:\program files\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe:Enabled:GameVoIP
    "d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe "=
    "d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe "=
    "d:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe "=
    "d:\\WINDOWS\\system32\\sessmgr.exe "=
    "d:\\Program Files\\Yahoo!\\Messenger\\YServer.exe "=
    "d:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe "=
    "d:\\Program Files\\Xfire\\xfire.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpofxm08.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposfx08.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqCopy.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpfccopy.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpzwiz01.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqDIA.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpoews01.exe "=
    "d:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqnrs08.exe "=
    "d:\\Program Files\\Ventrilo\\Ventrilo.exe "=
    "d:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe "=
    "d:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe "=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "56143:TCP "= 56143:TCP:pando Media Booster
    "56143:UDP "= 56143:UDP:pando Media Booster

    R1 aswSP;avast! Self Protection;d:\windows\system32\drivers\aswSP.sys [4/15/2008 3:07 PM 114768]
    R2 AntiSpywareService;Comcast AntiSpyware;d:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 12:49 PM 616408]
    R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [4/15/2008 3:07 PM 20560]
    R2 PEDRV;P&E Microcomputer System PCI Driver.;d:\windows\system32\drivers\pedrv.sys [8/3/2000 1:25 PM 23296]
    R2 WinDefend;Windows Defender;d:\program files\Windows Defender\MsMpEng.exe [11/3/2006 10:19 PM 13592]
    R3 JSWSCIMD;jswscimd Service;d:\windows\system32\drivers\jswscimd.sys [10/1/2008 4:45 PM 57440]
    R3 SaiH5F0D;SaiH5F0D;d:\windows\system32\drivers\SaiH5F0D.sys [4/4/2008 1:15 AM 176640]
    R3 SaiU5F0D;SaiU5F0D;d:\windows\system32\drivers\SaiU5F0D.sys [4/4/2008 1:15 AM 27264]
    S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;d:\windows\system32\DNINDIS5.sys [7/24/2003 12:10 PM 17149]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;d:\program files\NETGEAR\WN111v2\jswpsapi.exe [2/27/2008 11:54 AM 360547]
    S3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;d:\windows\system32\drivers\WN111v2.sys [1/14/2009 2:23 AM 458752]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contents of the 'Scheduled Tasks' folder

    2010-12-24 d:\windows\Tasks\AppleSoftwareUpdate.job
    - d:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 00:57]

    2008-07-08 d:\windows\Tasks\FRU Task 2002-06-27 08:46ewlett-Packard2002-06-27 08:46p psc 2200 seriesF56855811176EC24C9B302F94878AD886AF77CFF207566146.job
    - d:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2002-06-27 08:46]

    2011-01-08 d:\windows\Tasks\MP Scheduled Scan.job
    - d:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 03:20]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.comcast.net/
    IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    Trusted Zone: com.tw\asia.msi
    Trusted Zone: com.tw\global.msi
    Trusted Zone: com.tw\www.msi
    .
    - - - - ORPHANS REMOVED - - - -

    HKCU-Run-WebCamRT.exe - (no file)
    HKCU-Run-LDM - d:\program files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
    HKLM-Run-jswtrayutil - d:\program files\NETGEAR\WN111v2\jswtrayutil.exe
    Notify-WgaLogon - (no file)
    AddRemove-Icewind Dale - f:\gaming folder for new pc on 4 5 2008\Uninst.isu



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2011-01-08 13:41
    Windows 5.1.2600 Service Pack 3 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_USERS\S-1-5-21-343818398-813497703-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
    @Allowed: (Read) (RestrictedCode)
    @Allowed: (Read) (RestrictedCode)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'winlogon.exe'(916)
    d:\program files\CA\PPRT\bin\CACheck.dll
    d:\program files\CA\PPRT\bin\CAHook.dll
    d:\program files\CA\PPRT\bin\CAServer.dll
    .
    Completion time: 2011-01-08 13:44:06
    ComboFix-quarantined-files.txt 2011-01-08 18:44

    Pre-Run: 12,372,779,008 bytes free
    Post-Run: 12,323,090,432 bytes free

    - - End Of File - - 5A6B2B8721CB506C5AA89D529DBCCA7D
     
    Forsaken Knight,
    #19
  21. 2011/01/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Combofix log looks fine.
    Tell me little bit more about it.

    Also....

    1. Click Start>Run (Start> "Start search" in Vista and Win 7).

    2. Type in (or copy and paste):

    cmd /c ping google.com>%temp%\$.$&notepad %temp%\$.$

    and press Enter.

    3. Notepad will open.

    4. Copy all text in Notepad ([Ctrl-A], then [Ctrl-C]), and then post it (paste = [Ctrl-V]) in your next reply.

    ==============================================================

    Go Start>Run ( "Start search" in Vista and Win 7), type in:
    cmd
    Click OK (hit Enter in Vista and Win 7).

    At Command Prompt, paste this:
    ipconfig /all>c:\ipconfig_all.txt&notepad c:\ipconfig_all.txt&exit
    Hit Enter.

    Copy and paste what you see in Notepad into a Reply here.
     
    broni,
    #20
Page 1 of 3

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...