My Moms Computer

Posted 5/5/2009 4:58 PM

#73301

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

Hi!
My moms computer has been acting like its infected for about a month now, so I am here to fix it with your help.

I ran Fix-download, it downloaded the 4 small programs and the Manuel, got CCleaner to install, and ran it (it worked fine), MalwarebytesAM doesn't work (won't install). When I double-click on MalwarebytesAM, all I get is a box that looks like the DOS prompt, that flashes on screen for just a second and then nothing.

I have noticed that when i press CTRl/ALT/DEL I have wowexec (with a space before the wow) running and a few other mischevious looking programs running.

Posted 5/6/2009 2:35 AM

#73305

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

mDNSResponder.exe, VTTimer.exe & gamevance32.exe are a couple of the other programs that I don't know y there running.

Can you guys provide me with some help, or do you have any ideas on whats might be going on??

Posted 5/6/2009 3:38 AM

#73307

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Hello :smile:

Please download Combofix:

https://subs.geekstogo.com/ComboFix.exe

And save to the desktop.

Close all other browser windows.

Please connect all your external hard drive/flash drive before running Combofix, if you have any

Double-click on the combofix icon found on your desktop.

Please note, that once you start combofix you should not click anywhere on the combofix window as it can cause the program to stall. In fact, when combofix is running, do not touch your computer at all and just take a break as it may take a while for it to complete.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please post it to your next reply

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />[/color]
Do not PM me with logfiles. They will be deleted.

Posted 5/6/2009 7:05 PM

#73325

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

ComboFix 09-05-05.05 - Admin 05/06/2009 13:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.383 [GMT -5:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: CA Anti-Virus *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Gamevance\gamevancelib32.dll
c:\program files\Gamevance\gvtl.dll

.
((((((((((((((((((((((((( Files Created from 2009-04-06 to 2009-05-06 )))))))))))))))))))))))))))))))
.

2009-05-06 05:09 . 2009-05-06 18:04 -------- d-----w c:\windows\CAVTemp
2009-05-06 03:13 . 2009-05-06 03:12 108368 ----a-w c:\windows\system32\drivers\veteboot.sys
2009-05-06 03:13 . 2009-05-06 03:12 880560 ----a-w c:\windows\system32\drivers\vetefile.sys
2009-05-06 03:11 . 2007-08-20 18:38 32264 ----a-w c:\windows\system32\drivers\vetmonnt.sys
2009-05-06 03:11 . 2007-08-20 18:38 21512 ----a-w c:\windows\system32\drivers\vetfddnt.sys
2009-05-06 03:11 . 2007-08-20 18:38 21128 ----a-w c:\windows\system32\drivers\vet-rec.sys
2009-05-06 03:11 . 2007-08-20 18:38 26376 ----a-w c:\windows\system32\drivers\vet-filt.sys
2009-05-06 03:11 . 2007-08-20 18:26 79424 ----a-w c:\windows\system32\vetredir.dll
2009-05-06 03:11 . 2007-08-20 18:37 75016 ----a-w c:\windows\system32\isafprod.dll
2009-05-06 03:11 . 2007-08-20 18:37 99592 ----a-w c:\windows\system32\isafeif.dll
2009-05-06 03:10 . 2009-05-06 03:10 -------- d-----w c:\program files\Common Files\Scanner
2009-05-06 03:10 . 2009-05-06 03:18 -------- d-----w c:\documents and settings\All Users\Application Data\CA
2009-05-06 03:10 . 2009-05-06 03:10 -------- d-----w c:\program files\CA
2009-05-05 16:32 . 2009-05-05 16:32 -------- d-----w c:\program files\CCleaner
2009-04-17 20:48 . 2009-04-17 20:49 -------- d-----w C:\Hijackthis
2009-04-16 13:25 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 13:25 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 13:25 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 13:25 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 13:25 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 13:25 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 13:25 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 13:25 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 13:25 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 13:24 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-16 13:24 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-16 02:25 . 2009-04-16 02:25 -------- d-----w c:\program files\MSECache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 18:19 . 2009-03-25 16:24 -------- d-----w c:\program files\Gamevance
2009-05-06 03:14 . 2006-09-27 03:09 87824 ----a-w c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-06 02:56 . 2006-03-17 14:36 -------- d-----w c:\program files\Watchtower
2009-04-29 21:40 . 2008-05-24 21:33 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-03-26 01:33 . 2009-03-26 01:33 -------- d-----w c:\program files\MSBuild
2009-03-26 01:33 . 2009-03-26 01:33 -------- d-----w c:\program files\Reference Assemblies
2009-03-10 19:52 . 2009-03-07 20:01 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-10 19:21 . 2006-02-04 23:50 -------- d-----w c:\program files\Yahoo!
2009-03-09 00:51 . 2007-11-07 18:03 -------- d-----w c:\program files\DivX
2009-03-09 00:18 . 2009-03-09 00:18 -------- d-----w c:\program files\Windows Media Connect 2
2009-03-08 23:45 . 2009-03-08 23:45 -------- d-----w c:\program files\Microsoft
2009-03-08 23:45 . 2009-03-08 23:45 -------- d-----w c:\program files\Windows Desktop Search
2009-03-08 21:38 . 2009-03-08 21:38 -------- d-----w c:\program files\iTunes
2009-03-08 21:38 . 2009-03-08 21:38 -------- d-----w c:\program files\iPod
2009-03-08 21:37 . 2009-03-08 21:37 -------- d-----w c:\program files\Bonjour
2009-03-08 21:37 . 2009-03-08 21:36 -------- d-----w c:\program files\QuickTime
2009-03-08 21:35 . 2009-03-08 21:35 -------- d-----w c:\program files\Apple Software Update
2009-03-08 21:34 . 2009-03-08 21:34 -------- d-----w c:\program files\Common Files\Apple
2009-03-08 21:09 . 2006-01-30 21:12 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-07 20:00 . 2006-03-09 04:31 -------- d-----w c:\program files\Java
2009-03-06 14:22 . 2001-08-23 12:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2004-01-08 21:23 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-26 18:57 . 2009-02-26 18:57 10520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-26 18:57 . 2009-02-26 18:57 107272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-26 18:57 . 2009-02-26 18:57 325128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-20 18:09 . 2004-08-04 07:56 78336 ------w c:\windows\system32\ieencode.dll
2009-02-09 12:10 . 2001-08-23 12:00 729088 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2006-02-19 00:38 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 12:10 . 2001-08-23 12:00 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2001-08-23 12:00 617472 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 11:13 . 2001-08-23 12:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-08 00:02 . 2001-08-17 13:48 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-06 11:11 . 2001-08-23 12:00 110592 ----a-w c:\windows\system32\services.exe
2009-02-06 11:08 . 2001-08-23 12:00 2189056 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-06 10:39 . 2001-08-23 12:00 35328 ----a-w c:\windows\system32\sc.exe
2008-12-09 20:02 . 2006-01-28 21:40 67696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-09 20:02 . 2006-01-28 21:40 54376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-09 20:02 . 2008-05-22 21:25 34952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-09 20:02 . 2008-05-22 21:25 46720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-09 20:02 . 2006-01-28 21:40 172144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-21 49152]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-26 1601304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-10 148888]
"Gamevance"="c:\program files\Gamevance\gamevance32.exe" [2009-03-25 105472]
"cctray"="c:\program files\CA\CA Internet Security Suite\cctray\cctray.exe" [2009-05-06 177392]
"CAVRID"="c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-08-20 230664]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-07 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-03-11 147456]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-1-23 118784]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-26 18:57 10520 ----a-w c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/26/2009 1:57 PM 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/26/2009 1:57 PM 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/26/2009 1:57 PM 298264]
R3 PPCtlPriv;PPCtlPriv;c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [8/16/2007 9:10 PM 189704]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [11/1/2008 5:02 PM 33752]
.
Contents of the 'Scheduled Tasks' folder

2009-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2009-05-06 c:\windows\Tasks\CAAntiSpywareScan_Daily as Admin at 3 00 AM.job
- c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe [2007-08-17 02:10]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\windows\system32\VetRedir.dll
Trusted Zone: ebay.com\www
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2009-05-06 14:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(700)
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll

- - - - - - - > 'lsass.exe'(756)
c:\windows\system32\VetRedir.dll
c:\windows\system32\ISafeIf.dll

- - - - - - - > 'explorer.exe'(2128)
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe
c:\program files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\ntvdm.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
c:\program files\CA\CA Internet Security Suite\ccprovsp.exe
c:\windows\system32\searchfilterhost.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2009-05-06 14:02 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-06 19:02

Pre-Run: 97,652,387,840 bytes free
Post-Run: 97,733,750,784 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

210 --- E O F --- 2009-04-17 21:51

Posted 5/7/2009 7:45 PM

#73353

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:42:28 PM, on 5/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Admin\Desktop\FIX\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [url=https://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html]https://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [url=https://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://www.yahoo.com]https://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://www.yahoo.com[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Gamevance] C:\Program Files\Gamevance\gamevance32.exe a
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - https://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236551307093
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - https://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 8187 bytes

Posted 5/7/2009 7:51 PM

#73354

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

The file MalwarebytesAm.exe still won't work, however instead of
Flashing a window with what looks like the DOS prompt when I run it,

the window now hangs for roughly 1 or 2 seconds then goes away.

Also I have tried to uninstall AVG 8.0 and it won't, I get a registry error.

Posted 5/8/2009 7:02 AM

#73365

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Ok. Let´s remove AVG8 manually -

Open notepad and copy/paste the text in the quotebox below into it:

Name the file as CFScript
and Save it on the desktop

[color=black>Quote: [/b]

Killall::

Snapshot::

Folder::

c:\windows\system32\drivers\avgldx86.sys

c:\windows\system32\drivers\avgtdix.sys
c:\progra~1\AVG\AVG8\avgwdsvc.exe

Folder::
c:\program files\AVG

Driver::

AvgLdx86

AvgTdiX

avg8wd

https://www.fromsej.saknet.dk/billeder/cfscript.gif[/color][/url]

Once saved, refering to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please post it to your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Posted 5/8/2009 6:16 PM

#73378

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

ComboFix 09-05-05.05 - Admin 05/08/2009 13:00.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.518 [GMT -5:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Admin\Desktop\cfscript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: CA Anti-Virus *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AVG
c:\program files\AVG\AVG8\avg.snu
c:\program files\AVG\AVG8\avg7api.dll
c:\program files\AVG\AVG8\avg8us.lng
c:\program files\AVG\AVG8\avgabout.dll
c:\program files\AVG\AVG8\avgamnot.dll
c:\program files\AVG\AVG8\avgapix.dll
c:\program files\AVG\AVG8\avgatend.stp
c:\program files\AVG\AVG8\avgatupd.stp
c:\program files\AVG\AVG8\avgbat.bav
c:\program files\AVG\AVG8\avgcclix.dll
c:\program files\AVG\AVG8\avgcfgex.exe
c:\program files\AVG\AVG8\avgcfgx.dll
c:\program files\AVG\AVG8\avg!!!!x.dll
c:\program files\AVG\AVG8\avgcmgr.exe
c:\program files\AVG\AVG8\avgcorex.dll
c:\program files\AVG\AVG8\avgcrlpx.dll
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\program files\AVG\AVG8\avgdumpx.exe
c:\program files\AVG\AVG8\avgf8us.chm
c:\program files\AVG\AVG8\avgfrw.exe
c:\program files\AVG\AVG8\avginet.dll
c:\program files\AVG\AVG8\avgiproxy.exe
c:\program files\AVG\AVG8\avglngx.dll
c:\program files\AVG\AVG8\avglogx.dll
c:\program files\AVG\AVG8\avgmail.dll
c:\program files\AVG\AVG8\avgmvflx.dll
c:\program files\AVG\AVG8\avgmwdef_us.mht
c:\program files\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgoff2k.dll
c:\program files\AVG\AVG8\avgpp.dll
c:\program files\AVG\AVG8\avgresf.dll
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgscanx.dll
c:\program files\AVG\AVG8\avgscanx.exe
c:\program files\AVG\AVG8\avgsched.dll
c:\program files\AVG\AVG8\avgse.dll
c:\program files\AVG\AVG8\avgsrmax.exe
c:\program files\AVG\AVG8\avgsrmx.dll
c:\program files\AVG\AVG8\avgssie.dll
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\AVG\AVG8\avgui.exe
c:\program files\AVG\AVG8\avguiadv.dll
c:\program files\AVG\AVG8\avguires.dll
c:\program files\AVG\AVG8\avgupd.dll
c:\program files\AVG\AVG8\avgupd.exe
c:\program files\AVG\AVG8\avgvvx.dll
c:\program files\AVG\AVG8\avgwd.dll
c:\program files\AVG\AVG8\avgwdsvc.exe
c:\program files\AVG\AVG8\avgwdwsc.dll
c:\program files\AVG\AVG8\avgxch32.dll
c:\program files\AVG\AVG8\avgxpl.dll
c:\program files\AVG\AVG8\cf.dat
c:\program files\AVG\AVG8\contacts_us.html
c:\program files\AVG\AVG8\dbghelp.dll
c:\program files\AVG\AVG8\dfncfg.dat
c:\program files\AVG\AVG8\Firefox\chrome.manifest
c:\program files\AVG\AVG8\Firefox\Chrome\searchshield.jar
c:\program files\AVG\AVG8\Firefox\Components\avgssff.dll
c:\program files\AVG\AVG8\Firefox\Components\ISearchShield.xpt
c:\program files\AVG\AVG8\Firefox\install.rdf
c:\program files\AVG\AVG8\fixcfg.exe
c:\program files\AVG\AVG8\Icons\background_middle_gray.gif
c:\program files\AVG\AVG8\Icons\background_middle_green.gif
c:\program files\AVG\AVG8\Icons\background_middle_orange.gif
c:\program files\AVG\AVG8\Icons\background_middle_red.gif
c:\program files\AVG\AVG8\Icons\background_middle_yellow.gif
c:\program files\AVG\AVG8\Icons\background_top_gray.gif
c:\program files\AVG\AVG8\Icons\background_top_green.gif
c:\program files\AVG\AVG8\Icons\background_top_orange.gif
c:\program files\AVG\AVG8\Icons\background_top_red.gif
c:\program files\AVG\AVG8\Icons\background_top_yellow.gif
c:\program files\AVG\AVG8\Icons\block-doc.gif
c:\program files\AVG\AVG8\Icons\blocked.gif
c:\program files\AVG\AVG8\Icons\border_bottom_gray.gif
c:\program files\AVG\AVG8\Icons\border_bottom_green.gif
c:\program files\AVG\AVG8\Icons\border_bottom_orange.gif
c:\program files\AVG\AVG8\Icons\border_bottom_red.gif
c:\program files\AVG\AVG8\Icons\border_bottom_yellow.gif
c:\program files\AVG\AVG8\Icons\border_top_gray.gif
c:\program files\AVG\AVG8\Icons\border_top_green.gif
c:\program files\AVG\AVG8\Icons\border_top_orange.gif
c:\program files\AVG\AVG8\Icons\border_top_red.gif
c:\program files\AVG\AVG8\Icons\border_top_yellow.gif
c:\program files\AVG\AVG8\Icons\box_bottom_red.gif
c:\program files\AVG\AVG8\Icons\box_top_red.gif
c:\program files\AVG\AVG8\Icons\caution.gif
c:\program files\AVG\AVG8\Icons\click_here_gray.gif
c:\program files\AVG\AVG8\Icons\click_here_green.gif
c:\program files\AVG\AVG8\Icons\click_here_orange.gif
c:\program files\AVG\AVG8\Icons\click_here_red.gif
c:\program files\AVG\AVG8\Icons\click_here_yellow.gif
c:\program files\AVG\AVG8\Icons\clock.gif
c:\program files\AVG\AVG8\Icons\close.gif
c:\program files\AVG\AVG8\Icons\icons_blocked.gif
c:\program files\AVG\AVG8\Icons\icons_caution.gif
c:\program files\AVG\AVG8\Icons\icons_close.gif
c:\program files\AVG\AVG8\Icons\icons_safe.gif
c:\program files\AVG\AVG8\Icons\icons_unknown.gif
c:\program files\AVG\AVG8\Icons\icons_warning.gif
c:\program files\AVG\AVG8\Icons\LS_Logo_Results.gif
c:\program files\AVG\AVG8\Icons\safe.gif
c:\program files\AVG\AVG8\Icons\unknown.gif
c:\program files\AVG\AVG8\Icons\warning.gif
c:\program files\AVG\AVG8\license_us.txt
c:\program files\AVG\AVG8\Notification\arrow.gif
c:\program files\AVG\AVG8\Notification\arrow.png
c:\program files\AVG\AVG8\Notification\bg.png
c:\program files\AVG\AVG8\Notification\bullet.gif
c:\program files\AVG\AVG8\Notification\button_left.png
c:\program files\AVG\AVG8\Notification\button_left_hover.png
c:\program files\AVG\AVG8\Notification\button_right.png
c:\program files\AVG\AVG8\Notification\button_right_hover.png
c:\program files\AVG\AVG8\Notification\free8085_message_01_fr.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_ge.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_it.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_jp.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_nl.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_pb.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_pl.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_sp.html
c:\program files\AVG\AVG8\Notification\free8085_message_01_us.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_fr.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_ge.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_it.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_jp.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_nl.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_pb.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_pl.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_sp.html
c:\program files\AVG\AVG8\Notification\free8085_message_02_us.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_fr.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_ge.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_it.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_jp.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_nl.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_pb.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_pl.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_sp.html
c:\program files\AVG\AVG8\Notification\free8085_message_03_us.html
c:\program files\AVG\AVG8\Notification\free8085_message_us.html
c:\program files\AVG\AVG8\Notification\head_blue_bg.png
c:\program files\AVG\AVG8\Notification\head_red_bg.png
c:\program files\AVG\AVG8\Notification\head_yellow_bg.png
c:\program files\AVG\AVG8\Notification\image_app_-de.png
c:\program files\AVG\AVG8\Notification\image_app_-en.png
c:\program files\AVG\AVG8\Notification\image_app_-fr.png
c:\program files\AVG\AVG8\Notification\image_app_-it.png
c:\program files\AVG\AVG8\Notification\image_app_-jp.png
c:\program files\AVG\AVG8\Notification\image_app_-la-es.png
c:\program files\AVG\AVG8\Notification\image_app_-nl.png
c:\program files\AVG\AVG8\Notification\image_app_-pl.png
c:\program files\AVG\AVG8\Notification\image_app_-pt-br.png
c:\program files\AVG\AVG8\Notification\image_shield.png
c:\program files\AVG\AVG8\Notification\shield.gif
c:\program files\AVG\AVG8\Notification\style.css
c:\program files\AVG\AVG8\ph.dat
c:\program files\AVG\AVG8\sb.dat
c:\program files\AVG\AVG8\sb.dat.xcd
c:\program files\AVG\AVG8\sb2.dat
c:\program files\AVG\AVG8\sc.dat
c:\program files\AVG\AVG8\sc.dat.xcd
c:\program files\AVG\AVG8\setup.dat
c:\program files\AVG\AVG8\setup.exe
c:\program files\AVG\AVG8\setupus.lns

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AVG8WD
-------\Legacy_AVGLDX86
-------\Legacy_AVGTDIX
-------\Service_avg8wd
-------\Service_AvgLdx86
-------\Service_AvgTdiX

((((((((((((((((((((((((( Files Created from 2009-04-08 to 2009-05-08 )))))))))))))))))))))))))))))))
.

2009-05-06 05:09 . 2009-05-08 17:53 -------- d-----w c:\windows\CAVTemp
2009-05-06 03:13 . 2009-05-06 03:12 108368 ----a-w c:\windows\system32\drivers\veteboot.sys
2009-05-06 03:13 . 2009-05-06 03:12 880560 ----a-w c:\windows\system32\drivers\vetefile.sys
2009-05-06 03:11 . 2007-08-20 18:38 32264 ----a-w c:\windows\system32\drivers\vetmonnt.sys
2009-05-06 03:11 . 2007-08-20 18:38 21512 ----a-w c:\windows\system32\drivers\vetfddnt.sys
2009-05-06 03:11 . 2007-08-20 18:38 21128 ----a-w c:\windows\system32\drivers\vet-rec.sys
2009-05-06 03:11 . 2007-08-20 18:38 26376 ----a-w c:\windows\system32\drivers\vet-filt.sys
2009-05-06 03:11 . 2007-08-20 18:26 79424 ----a-w c:\windows\system32\vetredir.dll
2009-05-06 03:11 . 2007-08-20 18:37 75016 ----a-w c:\windows\system32\isafprod.dll
2009-05-06 03:11 . 2007-08-20 18:37 99592 ----a-w c:\windows\system32\isafeif.dll
2009-05-06 03:10 . 2009-05-06 03:10 -------- d-----w c:\program files\Common Files\Scanner
2009-05-06 03:10 . 2009-05-06 03:18 -------- d-----w c:\documents and settings\All Users\Application Data\CA
2009-05-06 03:10 . 2009-05-06 03:10 -------- d-----w c:\program files\CA
2009-05-05 16:32 . 2009-05-05 16:32 -------- d-----w c:\program files\CCleaner
2009-05-05 16:30 . 2009-05-05 16:30 45145784 ----a-w c:\temp\iss_en_32.exe
2009-04-17 20:48 . 2009-04-17 20:49 -------- d-----w C:\Hijackthis
2009-04-16 13:25 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 13:25 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 13:25 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 13:25 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 13:25 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 13:25 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 13:25 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 13:25 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 13:25 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 13:24 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-16 13:24 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-16 02:25 . 2009-04-16 02:25 -------- d-----w c:\program files\MSECache

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-06 18:19 . 2009-03-25 16:24 -------- d-----w c:\program files\Gamevance
2009-05-06 03:14 . 2006-09-27 03:09 87824 ----a-w c:\documents and settings\Admin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-06 02:56 . 2006-03-17 14:36 -------- d-----w c:\program files\Watchtower
2009-04-29 21:40 . 2008-05-24 21:33 664 ----a-w c:\windows\system32\d3d9caps.dat
2009-03-26 01:33 . 2009-03-26 01:33 -------- d-----w c:\program files\MSBuild
2009-03-26 01:33 . 2009-03-26 01:33 -------- d-----w c:\program files\Reference Assemblies
2009-03-10 19:52 . 2009-03-07 20:01 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-10 19:21 . 2006-02-04 23:50 -------- d-----w c:\program files\Yahoo!
2009-03-06 14:22 . 2001-08-23 12:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:18 . 2004-01-08 21:23 826368 ----a-w c:\windows\system32\wininet.dll
2009-02-26 18:57 . 2009-02-26 18:57 10520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-26 18:57 . 2009-02-26 18:57 107272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-26 18:57 . 2009-02-26 18:57 325128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-20 18:09 . 2004-08-04 07:56 78336 ------w c:\windows\system32\ieencode.dll
2009-02-09 12:10 . 2001-08-23 12:00 729088 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 12:10 . 2006-02-19 00:38 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 12:10 . 2001-08-23 12:00 714752 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 12:10 . 2001-08-23 12:00 617472 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 11:13 . 2001-08-23 12:00 1846784 ----a-w c:\windows\system32\win32k.sys
2009-02-08 00:02 . 2001-08-17 13:48 2066048 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-12-09 20:02 . 2006-01-28 21:40 67696 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-12-09 20:02 . 2006-01-28 21:40 54376 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-09 20:02 . 2008-05-22 21:25 34952 ----a-w c:\program files\mozilla firefox\components\myspell.dll
2008-12-09 20:02 . 2008-05-22 21:25 46720 ----a-w c:\program files\mozilla firefox\components\spellchk.dll
2008-12-09 20:02 . 2006-01-28 21:40 172144 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Omnipage"="c:\program files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-21 49152]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 57344]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-10 148888]
"Gamevance"="c:\program files\Gamevance\gamevance32.exe" [2009-03-25 105472]
"cctray"="c:\program files\CA\CA Internet Security Suite\cctray\cctray.exe" [2009-05-06 177392]
"CAVRID"="c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [2007-08-20 230664]
"VTTimer"="VTTimer.exe" - c:\windows\system32\VTTimer.exe [2005-03-07 53248]
"VTTrayp"="VTtrayp.exe" - c:\windows\system32\VTTrayp.exe [2005-03-11 147456]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2007-1-23 118784]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-27 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-26 18:57 10520 ----a-w c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

R3 PPCtlPriv;PPCtlPriv;c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [8/16/2007 9:10 PM 189704]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [11/1/2008 5:02 PM 33752]
.
Contents of the 'Scheduled Tasks' folder

2009-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2009-05-06 c:\windows\Tasks\CAAntiSpywareScan_Daily as Admin at 3 00 AM.job
- c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe [2007-08-17 02:10]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe

.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://www.yahoo.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: c:\windows\system32\VetRedir.dll
Trusted Zone: ebay.com\www
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2009-05-08 13:11
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(692)
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll

- - - - - - - > 'lsass.exe'(748)
c:\windows\system32\VetRedir.dll
c:\windows\system32\ISafeIf.dll

- - - - - - - > 'explorer.exe'(1120)
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll
c:\program files\ScanSoft\OmniPageSE\ophook32.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\isafe.exe
c:\program files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe
c:\windows\system32\searchindexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\searchprotocolhost.exe
c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
c:\program files\CA\CA Internet Security Suite\ccprovsp.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\searchfilterhost.exe
.
**************************************************************************
.
Completion time: 2009-05-08 13:14 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-08 18:14
ComboFix2.txt 2009-05-06 19:02

Pre-Run: 97,680,015,360 bytes free
Post-Run: 97,552,990,208 bytes free

352 --- E O F --- 2009-04-17 21:51

Posted 5/9/2009 3:41 AM

#73385

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

No more AVG. How are things running now ?

Posted 5/9/2009 7:00 PM

#73393

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

so far so good if anything else pops up, ill let ya know. ty!

Posted 5/20/2009 9:37 PM

#73680

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

I dont think everything is fixed on here, my moms cpu is from time to time crawling on the internet, im getting popups when i try to go to this forum, and when i was using it winPC antivirus installed itself without me instructing the computer to do so, and it wont uninstall

Posted 5/21/2009 2:50 AM

#73688

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Ok.

Download SmitfraudFix (by S!Ri) to your Desktop (Win2k/WinXP only!).
https://siri.urz.free.fr/Fix/SmitfraudFix.exe

Note : process.exe is part of the SmitFraudFix tool and is detected by some antivirus programs as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

2. Reboot into Safe Mode
You can usually do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.

3. Once in Safe mode, open the SmitfraudFix folder and double-click smitfraudfix.cmd

Select option #2 - Clean by typing 2 and press Enter.
Wait for the tool to complete and disk cleanup to finish.
You will be prompted : "Registry cleaning - Do you want to clean the registry ?" answer Yes by typing Y and hit Enter.
The tool will also check if wininet.dll is infected. If a clean version is found, you will be prompted to replace wininet.dll. Answer Yes to the question "Replace infected file ?" by typing Y and hit Enter.

A reboot may be needed to finish the cleaning process, if you computer does not restart automatically please do it yourself manually.

Please post the log it produce -c:\rapport.txt

Posted 5/21/2009 7:58 PM

#73728

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

i downloaded smitfraudfix.exe rebooted in safemode ran smitfraudfix and i got an error saying that it encountered and error and connot continue

when i rebooted in normal mode and i use internet explorer to come to this forum i get a IExplorer screen saying visiting this site may be harmful to my computer and it wont let me procede, it does the same on mozilla but i am able to get around it and post.

my antivirus from time to time pops up with something wrong with ieocx.dll when i start up internet explorer

Posted 5/22/2009 5:45 AM

#73744

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Ok. Let´s try malwarebyte, sightly different -

Download malwarebyte

[color=#222222>https://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?tag=mncol;pop&cdlPid=10878968[/url]

Save the file as setup.exe

Run the setup.exe file
When it gets to the final step of the installation it will seem like it froze....it hasn't but it will take anywhere from 15mins to an hour to get through that step so just let it do its thing.

If automatic update fail, download the manual update ->

https://www.gt500.org/malwarebytes/mbam-rules.exe[/color]

Go into the Malware folder in through Program Files
Rename the mbam.exe to 123.exe and run it.
Do a full computer scan
Check all and remove/fix/delete them.

Restart your computer and post the log

Posted 5/22/2009 7:14 PM

#73760

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

Malwarebytes' Anti-Malware 1.36
Database version: 2166
Windows 5.1.2600 Service Pack 3

5/22/2009 2:09:42 PM
mbam-log-2009-05-22 (14-09-42).txt

Scan type: Full Scan (C:\|)
Objects scanned: 150111
Time elapsed: 20 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 2
Registry Keys Infected: 13
Registry Values Infected: 4
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\iehelper.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\ieocx.dll (Trojan.BHO) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{bbd4551a-9b23-41cd-9bcd-818aa2da7b63} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\gamevancetext.linker.1 (Adware.Gamevance) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinPC Antivirus (Rogue.WinPCAntivirus) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{92dea029-400e-497b-863d-1e5cd71b6441} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{9580c756-9b78-41c8-8371-21105052831e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b00d6c77-5229-41b0-86b9-5b31509557d4} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{eedc4410-6b4d-4d68-a6bd-c386f0335c1b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{eedc4410-6b4d-4d68-a6bd-c386f0335c1b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{eedc4410-6b4d-4d68-a6bd-c386f0335c1b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\system tool (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\avscan (Rogue.WinPCAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\scui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\don't load\wscui.cpl (Hijack.SecurityCenter) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\iehelper.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\sysguard.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Admin\Local Settings\temp\install[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Admin\Start Menu\WinPC Antivirus.LNK (Rogue.WinPCAntivirus) -> Quarantined and deleted successfully.
C:\Documents and Settings\Admin\Application Data\winav.exe (Rogue.WinPCAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\ieocx.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Admin\Application Data\asd.bat (Rogue.WinPCDefender) -> Quarantined and deleted successfully.

Posted 5/23/2009 3:53 AM

#73771

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Looks like [1]ieocx.dll are removed[/1].
[1][/1]

[1][/1]

Please post new hijackthis log, and tell how things are running ?

[1][/1]

[1][/1]

Posted 5/23/2009 5:05 PM

#73787

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

Logfile of HijackThis v1.99.1
Scan saved at 12:02:41 PM, on 5/23/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*https://www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O1 - Hosts: 94.232.248.66 browser-security.microsoft.com
O1 - Hosts: 94.232.248.66 antivirprotection.com
O1 - Hosts: 94.232.248.66 www.antivirprotection.com
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - https://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1236551307093
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - https://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

Posted 5/23/2009 5:07 PM

#73788

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

the wowexec.exe with a space in front of the wow is back and once and awhile when i close mozilla I get a box that comes up saying that your computer is infected with adware and spyware but its not from my antivirus

Posted 5/24/2009 3:49 AM

#73803

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12974

Ok.

Download HostsExpert: [color=#0000ff>https://www.majorgeeks.com/Hoster_d4626.html[/b]

[2]Run HostsXpert 4.2 - Hosts File Manager from its new home
Click on "File Handling".
Click on "Restore MS Hosts File".
Click OK on the Confirmation box.
Click on "Make Read Only?"
Click the X to exit the program. [/2]

[2][/2]

Run a scan in HijackThis. Check each of the following and hit 'Fix checked' (after checking them) if they still exist (make sure not to miss any):
[2]O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)[/2]

[2]O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)[/2]

[2]O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)[/2]

[2]O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)[/2]

[2]Reboot, and tell if you still -"your computer is infected with adware and spyware but its not from my antivirus" message ?[/2]

Posted 5/25/2009 5:31 PM

#73828

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

no its gone, havn't seen it

Posted 6/1/2009 8:19 PM

#73999

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

It still seems like there is something wrong with my mom's computer when i run mozilla firefox or internet explorer.

The computer seems to hang when I click on links, or try to copy something, or even as I'm typing this, it's like something else is running, it takes a few seconds for it to catchup and run the program that I tell it to.

I don't know what it could be, any thought or suggestions on this matter???

Posted 6/2/2009 4:38 PM

#74032

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

I ran a scan last night and it found these
UACf90a.tmp is infected with Win32/Alureon
UACfafa.tmp is infected with Win32/TDSS!packed

Posted 6/7/2009 12:58 AM

#74163

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

any ideas on what i should do??

Posted 6/7/2009 3:11 AM

#74167

Jintan Advanced member

Date Joined Nov 2016
Total Posts: 1049

I have asked Touch if I might join in here keng53140. Those "UACxxx" suggests some unseen rootkit activity there. Let's check on that, okay?

Go to Start - Run, type devmgmt.msc (and OK).

When the Device Manager display opens click View - Show hidden devices.

Then in the list below that click the plus symbol (+) next to the following to expand that list:

Non-Plug and Play Drivers

In that list, see if you locate anything titled "UACxxx", where those "x"'s could be any character. Also looks for listings such as "Tdssxxx", or 8 character random names (for example - AB7f7rr8 or Yhg54st5). Write down any names you think I would want to review (even if some might be okay devices) and post them here in your next reply.

--------------------------

Also Click here and download the installer for Gmer to your desktop, then click that file to run Gmer.

If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

Posted 6/9/2009 3:12 AM

#74229

keng53140 Advanced member

Date Joined Nov 2016
Total Posts: 77

none of the programs you told me to look for in device manager

GMER 1.0.15.14972 - https://www.gmer.net
Rootkit scan 2009-06-08 22:10:25
Windows 5.1.2600 Service Pack 3

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\SearchIndexer.exe[3740] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[364] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[984] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1060] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1200] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00F6F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00F70470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F70290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00F6F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00F6F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00F70470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F70290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00F6F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F70290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [00F70640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [00F6F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [00F6FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [00F6FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00F6FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1320] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00F6F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1344] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [100100B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1424] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00D4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00D50470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00D50290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00D4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00D4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00D50470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00D50290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00D4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00D50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00D4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00D4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00D4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00D4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1688] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00D4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [01A90470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [01A90470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [01A900B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [01A90290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [01A8FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [01A90290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [01A8FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [01A8F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [01A90640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01A8FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[1728] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [01A8F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [02B4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [02B50470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [02B50290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [02B4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [02B4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [02B50470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [02B50290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [02B4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [02B50640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [02B4F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [02B500B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [02B4FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [02B4FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [02B4FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1804] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [02B4F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs VET-REC.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)

---- EOF - GMER 1.0.15 ----

Post a reply

Page

Unread posts or replies
No unread posts or replies
Unread Posts (Read Only Forum)
No Unread Posts (Read Only Forum)

Forum Information

Currently it is Monday, July 4, 2022, 8:05 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Touch Advanced member

Touch Advanced member

Change language

FORUMS

SEARCH FORUM

My Moms Computer

keng53140 Advanced member

keng53140 Advanced member

Touch Advanced member

keng53140 Advanced member

keng53140 Advanced member

keng53140 Advanced member

Touch Advanced member

keng53140 Advanced member

Touch Advanced member

keng53140 Advanced member

keng53140 Advanced member

Touch Advanced member

keng53140 Advanced member

keng53140 Advanced member

Touch Advanced member

keng53140 Advanced member

keng53140 Advanced member

keng53140 Advanced member

keng53140 Advanced member

keng53140 Advanced member

keng53140 Advanced member

Jintan Advanced member

keng53140 Advanced member

Forum Information

Who's online