Rdw

RR is offering free CA 2010 Internet Suite but won't install until Malwarebytes is removed. Any way around this? I realize some don't like CA but the price is right... Malwarebytes has come to my rescue in the past and I hate to give it up.

Maurice, thanks for the patience and time to walk thru this with me. Roger

Maurice, all 3 logs are attached Malwarebytes' Anti-Malware 1.44 Database version: 3640 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 1/26/2010 8:56:07 AM mbam-log-2010-01-26 (08-56-07).txt Scan type: Full Scan (C:\|D:\|G:\|H:\|I:\|K:\|) Objects scanned: 263147 Time elapsed: 1 hour(s), 16 minute(s), 7 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-12-01.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume2 Install Date: 3/4/2008 8:52:22 PM System Uptime: 1/24/2010 8:45:09 AM (49 hours ago) Motherboard: Intel Corporation | | OEMD975XLAG1 Processor: Intel® Core2 CPU 6700 @ 2.66GHz | J3E1 | 2666/266mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 70 GiB total, 20.778 GiB free. D: is FIXED (FAT32) - 4 GiB total, 2.73 GiB free. E: is CDROM (UDF) F: is CDROM () G: is FIXED (NTFS) - 19 GiB total, 7.216 GiB free. H: is FIXED (NTFS) - 488 GiB total, 310.208 GiB free. I: is FIXED (NTFS) - 293 GiB total, 236.827 GiB free. K: is FIXED (NTFS) - 150 GiB total, 127.406 GiB free. N: is Removable ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP15: 1/18/2010 10:19:30 PM - System Checkpoint RP16: 1/20/2010 12:18:34 AM - System Checkpoint RP17: 1/20/2010 1:54:23 PM - Spybot-S&D Spyware removal RP18: 1/21/2010 5:54:11 PM - System Checkpoint RP19: 1/21/2010 10:59:46 PM - Installed Windows XP -- Software Updates KB952011. RP20: 1/22/2010 8:14:19 AM - Software Distribution Service 3.0 RP21: 1/23/2010 2:23:48 PM - System Checkpoint RP22: 1/24/2010 7:32:35 PM - System Checkpoint RP23: 1/25/2010 9:05:37 PM - System Checkpoint ==== Installed Programs ====================== Ad-Aware Adobe Flash Player 10 ActiveX Adobe Reader 8.2.0 Adobe SVG Viewer 3.0 AnswerWorks 4.0 Runtime - English AnswerWorks 5.0 English Runtime ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver ATI Parental Control & Encoder CA Anti-Spam CA Anti-Spyware CA Anti-Virus CA Internet Security Suite Canon MP Navigator 2.2 Canon MP830 Canon Utilities Easy-PhotoPrint CCleaner Compatibility Pack for the 2007 Office system Critical Update for Windows Media Player 11 (KB959772) DartViewer Data Lifeguard Diagnostic for Windows DxO Optics Pro 6 Easy-WebPrint EMBASSY Security Center ERUNT 1.1j Garmin Communicator Plugin Garmin MapSource Garmin TOPO U.S. 2008 Garmin USB Drivers Garmin WebUpdater Google Gears Google Toolbar for Internet Explorer Google Update Helper Greeting Card Factory Deluxe 7.0 gtw_logo GWCares High Definition Audio Driver Package - KB888111 HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows Media Format SDK (KB902344) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB970653-v3) Hotfix for Windows XP (KB976098-v2) ieSpell Intel Audio Studio 2.0 Intel® PRO Network Connections Drivers InterVideo DeviceService Java 2 Runtime Environment, SE v1.4.2 Java 6 Update 17 Java 6 Update 7 Juniper Networks Host Checker Juniper Networks Secure Application Manager K-Lite Codec Pack 3.4.0 Full Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Compression Client Pack 1.0 for Windows XP Microsoft English TTS Engine Microsoft Internationalized Domain Names Mitigation APIs Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Location Finder Microsoft National Language Support Downlevel APIs Microsoft Office Small Business Edition 2003 Microsoft Office XP Media Content Microsoft Streets & Trips 2007 Microsoft USB Flash Drive Manager Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Works MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 6.0 Parser (KB925673) Multimedia Keyboard Driver Nero 8 neroxml Network USB Utility Noiseware Standard Edition NTRU Hybrid TSS v1.05 O&O Defrag Professional Edition OmniPage SE 2.0 Photo Story 3 for Windows Picasa 3 PowerDVD Presto! PageManager 7.15.11 QuickTime Recover My Files Recovery Software Suite Gateway Security Update for Step By Step Interactive Training (KB898458) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Internet Explorer 7 (KB953838) Security Update for Windows Internet Explorer 7 (KB956390) Security Update for Windows Internet Explorer 7 (KB958215) Security Update for Windows Internet Explorer 7 (KB960714) Security Update for Windows Internet Explorer 7 (KB961260) Security Update for Windows Internet Explorer 7 (KB963027) Security Update for Windows Internet Explorer 7 (KB969897) Security Update for Windows Internet Explorer 7 (KB972260) Security Update for Windows Internet Explorer 7 (KB974455) Security Update for Windows Internet Explorer 7 (KB976325) Security Update for Windows Internet Explorer 7 (KB978207) Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows Media Player 10 (KB917734) Security Update for Windows Media Player 10 (KB936782) Security Update for Windows Media Player 11 (KB936782) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows Media Player 6.4 (KB925398) Security Update for Windows XP (KB913433) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923689) Security Update for Windows XP (KB938464) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950759) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951376) Security Update for Windows XP (KB951698) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB953838) Security Update for Windows XP (KB953839) Security Update for Windows XP (KB954211) Security Update for Windows XP (KB954459) Security Update for Windows XP (KB954600) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956391) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956841) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957095) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958690) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960715) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371) Security Update for Windows XP (KB961373) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB968537) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969898) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) SigmaTel Audio Smilebox Spelling Dictionaries Support For Adobe Reader 8 Spybot - Search & Destroy STMicroelectronics TPM Software Package TurboTax 2008 TurboTax 2008 WinPerFedFormset TurboTax 2008 WinPerProgramHelp TurboTax 2008 WinPerReleaseEngine TurboTax 2008 WinPerTaxSupport TurboTax 2008 WinPerUserEducation TurboTax 2008 wohiper TurboTax 2008 wrapper TurboTax Home & Business 2007 Ulead VideoStudio 11 Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 7 (KB976749) Update for Windows XP (KB951072-v2) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VideoStudio Viewpoint Media Player WD Backup WD Diagnostics WD Firewire HID Driver WebFldrs XP WIBU-KEY Setup (WIBU-KEY Remove) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Genuine Advantage Validation Tool (KB892130) Windows Internet Explorer 7 Windows Media Format 11 runtime Windows Media Format SDK Hotfix - KB891122 Windows Media Player 11 Windows Presentation Foundation Windows XP Service Pack 3 WinRAR archiver XML Paper Specification Shared Components Pack 1.0 ==== Event Viewer Messages From Past Week ======== 1/26/2010 7:28:13 AM, error: Service Control Manager [7034] - The NTRU Hybrid TSS v1.05 TCSD service terminated unexpectedly. It has done this 1 time(s). ==== End Of File =========================== DDS (Ver_09-12-01.01) - NTFSx86 Run by Administrator at 9:03:19.29 on Tue 01/26/2010 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2045.1217 [GMT -5:00] AV: CA Anti-Virus *On-access scanning disabled* (Updated) {17CFD1EA-56CF-40B5-A06B-BD3A27397C93} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\System32\svchost.exe -k eapsvcs svchost.exe C:\WINDOWS\System32\svchost.exe -k dot3svc C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\zHotkey.exe C:\WINDOWS\system32\WDBtnMgr.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\Program Files\D-Link\Network USB Utility\Network USB Utility.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\Wave Systems Corp\Common\DataServer.exe C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\dsHostChecker.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Administrator\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.foxnews.com/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = about:blank uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.33.0\gears.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [CHotkey] zHotkey.exe mRun: [WD Button Manager] WDBtnMgr.exe mRun: [OODefragTray] c:\windows\system32\oodtray.exe mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [cctray] "c:\program files\ca\ca internet security suite\cctray\cctray.exe" mRun: [QOELOADER] "c:\program files\ca\ca internet security suite\ca anti-spam\qsp-5.1.18.0\QOELoader.exe" mRun: [CAVRID] "c:\program files\ca\ca internet security suite\ca anti-virus\CAVRID.exe" mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe mRun: [D-Link Network USB Utility] c:\program files\d-link\network usb utility\Network USB Utility.exe -mini mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [CaPPcl] c:\program files\ca\ca internet security suite\ca anti-spyware\CAAntiSpyware.exe /scan /startup mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.33.0\gears.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll LSP: c:\windows\system32\VetRedir.dll Trusted Zone: copcp.com\vpn Trusted Zone: copcp.com\www Trusted Zone: copcp.local\integreat Trusted Zone: iccchartweb1 Trusted Zone: icchart Trusted Zone: iccsql Trusted Zone: iccsql01 Trusted Zone: iccsql1 Trusted Zone: iccsql2 Trusted Zone: iccweb1 Trusted Zone: iccweb2 Trusted Zone: iccweb3 Trusted Zone: iccweb4 Trusted Zone: integreat Trusted Zone: integreat2 Trusted Zone: intradocs2 Trusted Zone: intuit.com Trusted Zone: plaxo.com\www Trusted Zone: turbotax.com DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://go.microsoft.com/fwlink/?linkid=58813 DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/40.14/uploader2.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {92CAE93B-B7A5-4CC5-A3D2-DD215B8B4658} - hxxps://vpn.copcp.com/,DanaInfo=integreat+prsetupctl.ocx DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} - hxxps://vpn.copcp.com/dana-cached/setup/JuniperSetupSP1.cab Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll Hosts: 127.0.0.1 www.spywareinfo.com ============= SERVICES / DRIVERS =============== R0 stmtpm;STM TPM Service;c:\windows\system32\drivers\stm_tpm.sys [2006-10-10 21504] R1 NEOFLTR_550_12129;Juniper Networks TDI Filter Driver (NEOFLTR_550_12129);c:\windows\system32\drivers\NEOFLTR_550_12129.sys [2007-10-3 63008] R1 VET-FILT;VET File System Filter;c:\windows\system32\drivers\vet-filt.sys [2008-9-25 26352] R1 VET-REC;VET File System Recognizer;c:\windows\system32\drivers\vet-rec.sys [2008-9-25 21104] R1 VETEFILE;VET File Scan Engine;c:\windows\system32\drivers\vetefile.sys [2009-10-13 739696] R1 VETFDDNT;VET Floppy Boot Sector Monitor;c:\windows\system32\drivers\vetfddnt.sys [2008-9-25 21488] R1 VETMONNT;VET File Monitor;c:\windows\system32\drivers\vetmonnt.sys [2008-9-25 32240] R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-7-7 611664] R2 CAISafe;CAISafe;c:\program files\ca\ca internet security suite\ca anti-virus\isafe.exe [2008-9-25 144960] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-12-23 236368] R2 VETMSGNT;VET Message Service;c:\program files\ca\ca internet security suite\ca anti-virus\vetmsg.exe [2008-9-25 238832] R3 DlinkUDSMBus;UDS Master Bus of Kernel USB Software Bus by TCP;c:\windows\system32\drivers\DlinkUDSMBus.sys [2008-8-18 73600] R3 DlinkUDSTcpBus;DlinkUDSTcpBus;c:\windows\system32\drivers\DlinkUDSTcpBus.sys [2008-8-18 97408] R3 IAMTXP;Driver for Intel® Active Management Technology - KCS;c:\windows\system32\drivers\IAMTXP.sys [2006-10-10 40448] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-23 19160] R3 PPCtlPriv;PPCtlPriv;c:\program files\ca\ca internet security suite\ca anti-spyware\PPCtlPriv.exe [2007-8-16 189704] R3 VETEBOOT;VET Boot Scan Engine;c:\windows\system32\drivers\veteboot.sys [2009-10-13 133520] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-18 133104] S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\31.tmp --> c:\windows\system32\31.tmp [?] S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-2-2 18688] S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-2-2 8320] S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-2-2 42112] S3 motport;Motorola USB Diagnostic Port;c:\windows\system32\drivers\motport.sys [2009-2-2 23680] =============== Created Last 30 ================ 2010-01-17 04:28:52 0 d-----w- c:\program files\Western Digital 2010-01-17 04:27:41 0 d-----w- c:\program files\Western Digital Corporation 2010-01-17 04:27:31 20992 ----a-w- c:\windows\jestertb.dll 2010-01-16 23:42:14 0 d-----w- c:\documents and settings\administrator\New Folder 2010-01-12 13:22:42 0 d-----w- c:\program files\TrendMicro 2010-01-12 03:07:29 0 d-----w- C:\DCE 2010-01-03 13:20:28 0 d-----w- C:\_OTL 2009-12-31 03:27:09 0 d-----w- c:\docume~1\admini~1\applic~1\DxO Labs 2009-12-30 19:15:51 0 d-sha-r- C:\cmdcons 2009-12-30 19:15:15 98816 ----a-w- c:\windows\sed.exe 2009-12-30 19:15:15 77312 ----a-w- c:\windows\MBR.exe 2009-12-30 19:15:15 261632 ----a-w- c:\windows\PEV.exe 2009-12-30 19:15:15 161792 ----a-w- c:\windows\SWREG.exe ==================== Find3M ==================== 2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-07 21:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-05 10:00:29 832512 ----a-w- c:\windows\system32\wininet.dll 2010-01-05 10:00:21 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-01-05 10:00:20 17408 ----a-w- c:\windows\system32\corpol.dll 2009-12-14 19:15:14 2146304 ----a-w- c:\windows\system32\GPhotos.scr 2009-12-01 16:29:33 739696 ----a-w- c:\windows\system32\drivers\vetefile.sys 2009-12-01 16:29:33 32240 ----a-w- c:\windows\system32\drivers\vetmonnt.sys 2009-12-01 16:29:33 26352 ----a-w- c:\windows\system32\drivers\vet-filt.sys 2009-12-01 16:29:33 21488 ----a-w- c:\windows\system32\drivers\vetfddnt.sys 2009-12-01 16:29:33 21104 ----a-w- c:\windows\system32\drivers\vet-rec.sys 2009-12-01 16:29:33 133520 ----a-w- c:\windows\system32\drivers\veteboot.sys 2009-11-13 22:57:16 922112 ------w- c:\windows\system32\imapi2fs.dll 2009-11-13 22:57:16 426496 ------w- c:\windows\system32\imapi2.dll ============= FINISH: 9:03:36.82 ===============

Sorry that was for the Bifrost trojan only

fyi -- I found 'camfrog 5.5.exe' in registry - a site suggested that was the bad file so I deleted it.

Maurice - sorry but I don't think it is over....Here is the log from routine scan today from CA antivirus... Computer is running fine. I am very concerned re passwords etc. CA Anti-Spyware Log Report This report was generated on: 1/19/2010-6:01:59 PM 1/19/2010-7:55:24 AM , Deleted , Bifrost , Backdoor , Key "hkey_users \s-1-5-21-1749186680-1974409891-280849654-500\software\wget" , -1 1/19/2010-7:55:24 AM , Deleted , WinSpywareProtect , Rogue Security Software , Key "hkey_users \s-1-5-21-1749186680-1974409891-280849654-500\software\microsoft\windows\currentversion\drivers" , -1 1/19/2010-7:55:24 AM , Deleted , WinAntiVirus Pro 2006 , Rogue Security Software , Key "hkey_classes_root \*\shellex\contextmenuhandlers\shellextension" , -1 1/19/2010-7:55:24 AM , Deleted , Bifrost , Backdoor , Key "hkey_users \s-1-5-21-1749186680-1974409891-280849654-500\software\wget" , -1 1/19/2010-7:55:24 AM , Deleted , WinSpywareProtect , Rogue Security Software , Key "hkey_users \s-1-5-21-1749186680-1974409891-280849654-500\software\microsoft\windows\currentversion\drivers" , -1 1/19/2010-7:55:24 AM , Deleted , WinAntiVirus Pro 2006 , Rogue Security Software , Key "hkey_classes_root \*\shellex\contextmenuhandlers\shellextension" , -1 ***End Report*** Roger

Removed both - was related to the f-online scanner. I hate to say "all is well" but no more issues unless you are seeing something in the log files. Anything else I need to do now?

Maurice, Overall definitely better but CA picked up again tolt.339 and trivial.25.C viruses in files cran.ivd and cran.cvd in the Settings\Temp\OnlineScanner\updates\aquawin32 this morning. it has done this 3 times since we started working on this. Is it a false + ? With Trend Micro, I saw the DivX folder had a virus found - I don't use it anymore so deleted it even though it said it was repaired. I found this thread that suggested trival.25 was related to F online scanner http://forum.avira.com/wbb/index.php?page=...p;postID=826152 Can I just perm delete the cran.cvd, cran.ivd files? Roger

Logfile of Trend Micro HijackThis v2.0.3 (BETA) Scan saved at 8:23:44 AM, on 1/12/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16945) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe C:\Program Files\Wave Systems Corp\Common\DataServer.exe C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\IoctlSvc.exe C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS C:\WINDOWS\system32\svchost.exe C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v1.05\bin\tcsd_win32.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\zHotkey.exe C:\WINDOWS\system32\WDBtnMgr.exe C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [CHotkey] zHotkey.exe O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-5.1.18.0\QOELoader.exe" O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [D-Link Network USB Utility] C:\Program Files\D-Link\Network USB Utility\Network USB Utility.exe -mini O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\Run: [CaPPcl] C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe /scan /startup O4 - HKLM\..\RunOnce: [TSC] "C:\DCE\TSC_Temp\tsc.exe" /HD O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Lookup on Merriam Webster - file://C:\Program Files\ieSpell\Merriam Webster.HTM O8 - Extra context menu item: Lookup on Wikipedia - file://C:\Program Files\ieSpell\wikipedia.HTM O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://vpn.copcp.com O15 - Trusted Zone: http://www.copcp.com O15 - Trusted Zone: http://integreat.copcp.local O15 - Trusted Zone: http://*.iccchartweb1 O15 - Trusted Zone: http://*.icchart O15 - Trusted Zone: http://*.iccsql O15 - Trusted Zone: http://*.iccsql01 O15 - Trusted Zone: http://*.iccsql1 O15 - Trusted Zone: http://*.iccsql2 O15 - Trusted Zone: http://*.iccweb1 O15 - Trusted Zone: http://*.iccweb2 O15 - Trusted Zone: http://*.iccweb3 O15 - Trusted Zone: http://*.iccweb4 O15 - Trusted Zone: http://*.integreat O15 - Trusted Zone: http://*.integreat2 O15 - Trusted Zone: http://*.intradocs2 O15 - Trusted Zone: *.intuit.com O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {22492231-AEF0-49FC-9180-CE8969AB1273} (F-Secure Online Scanner Launcher) - http://download.sp.f-secure.com/ols/f-secu.../fslauncher.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/40.14/uploader2.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {92CAE93B-B7A5-4CC5-A3D2-DD215B8B4658} (Setup Class) - https://vpn.copcp.com/,DanaInfo=integreat+prsetupctl.ocx O16 - DPF: {C42B23DF-334C-4AD0-9AB4-91FF53D04239} (AbImporter Class) - file:///C:/Documents%20and%20Settings/Administrator/Application%20Data/Smilebox/OzDesktopImporter.cab O16 - DPF: {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} (JuniperSetupSP1 Control) - https://vpn.copcp.com/dana-cached/setup/JuniperSetupSP1.cab O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - https://www.plaxo.com/activex/plx_upldr-2k-xp.cab O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: CaCCProvSP - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe O23 - Service: DataSvr - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Common\DataServer.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS O23 - Service: NTRU Hybrid TSS v1.05 TCSD (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU Hybrid TSS v1.05\bin\tcsd_win32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe -- End of file - 12753 bytes

Malwarebytes' Anti-Malware 1.44 Database version: 3545 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 1/12/2010 1:08:54 AM mbam-log-2010-01-12 (01-08-54).txt Scan type: Quick Scan Objects scanned: 110444 Time elapsed: 3 minute(s), 48 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

sysclean.log /--------------------------------------------------------------\ | Trend Micro System Cleaner | | Copyright 2009-2010, Trend Micro, Inc. | | http://www.trendmicro.com | \--------------------------------------------------------------/ 2010-01-11, 22:22:55, Auto-clean mode specified. 2010-01-11, 22:22:55, Initialized Rootkit Driver version 2.2.0.1004. 2010-01-11, 22:22:55, Running scanner "C:\DCE\TSC.BIN"... 2010-01-11, 22:23:03, Scanner "C:\DCE\TSC.BIN" has finished running. 2010-01-11, 22:23:03, TSC Log:

Scanning Report Monday, January 11, 2010 21:02:34 - 21:52:35 Computer name: GATEWAY Scanning type: Scan system for malware, spyware and rootkits Target: C:\ D:\ G:\ I:\ M:\ -------------------------------------------------------------------------------- 3 malware found TrackingCookie.2o7 (spyware) System (Disinfected) TrackingCookie.Revsci (spyware) System (Disinfected) TrackingCookie.Atwola (spyware) System (Disinfected) -------------------------------------------------------------------------------- Statistics Scanned: Files: 377269 System: 4156 Not scanned: 116 Actions: Disinfected: 3 Renamed: 0 Deleted: 0 Not cleaned: 0 Submitted: 0 Files not scanned: C:\PAGEFILE.SYS C:\WINDOWS\TEMP\PERFLIB_PERFDATA_3B4.DAT C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG C:\WINDOWS\SYSTEM32\CONFIG\SAM C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG C:\WINDOWS\SYSTEM32\CONFIG\SECURITY C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG C:\SYSTEM VOLUME INFORMATION\MOUNTPOINTMANAGERREMOTEDATABASE C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100101060710.zip\0 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100101060710.zip\1 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100102060713.zip\0 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100102060713.zip\1 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100101060710.zip\2 C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\Quarantine\20100102060713.zip\2 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\REFSPCL.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\REFSAN.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\MISTRAL.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\PAPYRUS.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\FREESCPT.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\ARIALNB.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\ARIALNBI.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\ARIALNI.TTF C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\ZF612707.CAB\ARIALN.TTF C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\NTUSER.DAT C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\NTUSER.DAT.LOG C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\NTUSER.DAT C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\NTUSER.DAT.LOG C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudSysguard.zip\sbRecovery.reg C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\FraudSysguard.zip\sbRecovery.ini C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip\sbRecovery.reg C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterdisabled.zip\sbRecovery.ini C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\NTUSER.DAT C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\NTUSER.DAT.LOG C:\Documents and Settings\Administrator\My Documents\Ulead VideoStudio\11.0\DMF_TEMP\CvtedTitle\Mar13_2354x000Untitled_00.mpg C:\Documents and Settings\Administrator\My Documents\Ulead VideoStudio\11.0\DMF_TEMP\CvtedTitle\May01_2304x000Untitled_00.mpg C:\Documents and Settings\Administrator\My Documents\NeroVision\CapturedVideo\Deer 09.avi C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\~DF52C3.TMP C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\~DF5403.TMP C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\GOOGLE TOOLBAR\GOOGLETOOLBARWELCOME.LOG C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\BILOXI TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\BASKETBALL.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\CME.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\DELETED ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\GOLDENS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\EBAY.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\ITUNES.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\KIDS STUFF.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\MG AUTO.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\MYRTLE BEACH TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\SENT ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{F6354BD0-5428-4037-A494-CF67115CFFEC}\MICROSOFT\OUTLOOK EXPRESS\WANDA'S .DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\BASKETBALL.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\BILOXI TRIP (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\BILOXI TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\BOATHOUSE.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\CA ANTI-SPAM.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\CME.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\CREW (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\CREW.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\DELETED ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\GOLDENS (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\HD WRESTLING.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\HGSA SOFTBALL.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\ITUNES.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\KIDS STUFF (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\KIDS STUFF.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\LADY LAKERS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\LAND.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\MG AUTO (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\MISC..DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\MYRTLE BEACH TRIP (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\MYRTLE BEACH TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\RECEIPTS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\RED DEVILS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\SENT ITEMS (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\SUMMER BASEBALL.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\WANDA'S (1).DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{84238591-BD2B-446E-956C-1C33B0286B78}\MICROSOFT\OUTLOOK EXPRESS\WANDA'S .DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\BASKETBALL.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\BILOXI TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\CME.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\CREW.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\DELETED ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\EBAY.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\GOLDENS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\ITUNES.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\KIDS STUFF.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\LAND.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\MG AUTO.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\MISC..DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\MYRTLE BEACH TRIP.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\SENT ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{48A71D91-AEA7-4031-8448-5B0899D97FDF}\MICROSOFT\OUTLOOK EXPRESS\WANDA'S .DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{0D6D0973-DA53-4C95-8CBB-C6A680FD3FF5}\MICROSOFT\OUTLOOK EXPRESS\DELETED ITEMS.DBX C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\{0D6D0973-DA53-4C95-8CBB-C6A680FD3FF5}\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\DefenderPro.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\DriveCrypt.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\LuaCommon.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\NetMotion.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\Safari.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\scpt.dat\TenebrilAS.lua C:\Documents and Settings\Administrator\Application Data\Juniper Networks\Host Checker\tables.dat\tables.xml -------------------------------------------------------------------------------- Options Scanning engines: Scanning options: Scan all files Scan inside archives Use advanced heuristics -------------------------------------------------------------------------------- Copyright

IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [011CF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [011D0470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [011D0290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [011CF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [011CF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [011D0470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [011D0290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [011CF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [011D0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [011CFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [011CF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [011CFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [011CFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[3708] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [011CF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs VET-FILT.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.) AttachedDevice \Driver\Tcpip \Device\Ip NEOFLTR_550_12129.SYS (NetBIOS Redirector/Juniper Networks) AttachedDevice \Driver\Tcpip \Device\Tcp NEOFLTR_550_12129.SYS (NetBIOS Redirector/Juniper Networks) AttachedDevice \Driver\Tcpip \Device\Udp NEOFLTR_550_12129.SYS (NetBIOS Redirector/Juniper Networks) AttachedDevice \Driver\Tcpip \Device\RawIp NEOFLTR_550_12129.SYS (NetBIOS Redirector/Juniper Networks) AttachedDevice \FileSystem\Fastfat \Fat VET-FILT.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.) AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat VET-REC.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x68 0xAF 0xFA 0x7B ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x40 0x6C 0xCE 0x39 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x8A 0xC6 0x32 0x8A ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x68 0xAF 0xFA 0x7B ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x40 0x6C 0xCE 0x39 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x8A 0xC6 0x32 0x8A ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x68 0xAF 0xFA 0x7B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x40 0x6C 0xCE 0x39 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x8A 0xC6 0x32 0x8A ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x68 0xAF 0xFA 0x7B ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x40 0x6C 0xCE 0x39 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x8A 0xC6 0x32 0x8A ... Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODEFRAG10.00.00.01WORKSTATION 961D19B5A4D2B5FEEA23C325AE57D2EB806360A74FF32983A317CE75CEFB2D0827041FD127C3AA4C FD143FE4EA5C80F3F23B4AEDC626700B6A375AB60234FEEAB3106EE9A2F35DEBEAF665AA12B6EEED 6 DE8FE7FD900D027DB2BF612ED23FBCEAA9529BA86B5F48DC825C6DC8A5086C44E68A1138B9D129EB E B77C2A4EBC6FF7DDBDF47366F05A9214CDFB5861A3F016DA8E59CF7FAE3FECC174BF15FE06E55F85 8 37B3578A23D8EABF01F6D45C09E36B981D155FD7AAB42F6CBA15C049AAF31B9B96A1998570F4D536 4 4EDE8BCEC12B7A3C3BB175596881527E7FFE01A6E24E7A0473A843B205CAB153ACFEBC9E127BECC7 4 CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74 C A6A0AC4980AC7933A2D97226D213B555A6A0AC4980AC79335D575E7D6A3B98083E681C41394E3955 1 D22C1DF347E8E78F6EEECB7E4E2840CCAF4CAE8859ED3F4C715EA3C58FED507DB44ACD62613993D9 2 740274FCE9527FBC94813648CA08FA6D15C586310F2A864B881B7E5881DC1A28C6836E54CFABD5F0 A C07620E127A95E5E552CBDBD5539DACC628A3FD4679C92736A2B35EDD595925A741DDA626B6C2DB2 9 4CFD260DC29A377A05D802C5E50CF336A298BF3E73DB0A1228DA151C1D82ECA580D30FD33C4F17C0 7 2F402C8EAA1E55FDCB3D482EA2FC31E4A5392EDDFD82B43D2C3C ---- EOF - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00CC0290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00CC0470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[1736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [100100B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[1768] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[2160] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0124FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0124F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [100100B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [1000FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1196] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00F2F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00F30470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F30290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00F2F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00F2F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00F30470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F30290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00F2F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [00F30290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [00F30640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [00F2F990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [00F2FF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [00F2FBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00F2FDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1532] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00F2F810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [00CC0290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00CC0470] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00CBFBA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00CC0290] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00CBFF30] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00CBF990] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00CC0640] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00CBFDB0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[1580] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [00CBF810] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)