Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 14th, 2009, 3:32 pm

Hmmm OK let me have a wee bit of a think on this and I will get back to your goodself.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra
Advertisement
Register to Remove

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 14th, 2009, 3:35 pm

OK, I will wait for your next instructions .

:) have a nice evening

Anne
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 14th, 2009, 3:44 pm

Hi Anne :)

:) have a nice evening
Thank you! You too!

Try this please:

Click on Start >> Run >> cut n paste the following: "%userprofile%\desktop\Dakeyras1.exe" then select OK

If the above method does not work try the below:

Open Task Manager by pressing the Ctrl Alt and Del keys, at the same time.

In the menu at the top of the dialog box, click File >> New Task (Run...)

Copy/paste (or type) the following in the Run box and click OK:

"%userprofile%\desktop\Dakeyras1.exe"

If the above method does not work try the below:

Delete your current copy of ComboFix/Dakeyras1 and re-download a new copy please.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 14th, 2009, 5:21 pm

Hello again :?:

Well I tried all three options and still nothing, it only says the program is preparing to run.

so, then I went to bleepingcomputers.com for combo fix and read all the instructions, still got nowhere.

now I did a right click on combofix icon and read the properties, it is:

1 - an application on my desktop

2 - attributes are: read only and archives

3 - then I checked the compatability,
" if you have problems with this program and it worked correctly on an earlier version of windows, select the compatability mode that maches the earlier version. "

now: I have 4 options: Windows 95 - Windows / 98 Windows me - Windows NT 4.0 (service pack 5) - windows 2000
do you think this could be my problem.

I then checked the help section for program compatability below is an excerpt:
" Getting older programs to run on Windows XPMost programs run properly on Windows XP. The exceptions are some older games and other programs that were written specifically for an earlier version of Windows. To run your program on Windows XP, try the following:

Run the Program Compatibility Wizard. As an alternative, you can set the compatibility properties manually. "


Do you think my problem could be one of compatability or am I going off in the wrong direction.

Your thoughts please, I am very confused :?
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 14th, 2009, 5:41 pm

Hi Anne :)

It is entirely possible the malware still present on your computer is hindering ComboFix and not a compatibility issue I am thinking.

OK delete the latest ComboFix you downloaded and we will try a different scan first before addressing the aborted ComboFix attempts.

Make sure to re-enable your AntiVirus application if it is still disabled.

Next:

Download GMER and extract it to your desktop.

***Please close any open programs ***

  • Now right click on gmer.exe and choose the option Rename , rename it Dakeyras please.
  • Now double-click Dakeyras.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised by a trained Security Analyst


  • If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click Yes.
  • Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER/Dakeyras will produce a log. Click on the Save button, and save the log as dakeyras.txt somewhere you can easily find it, such as your desktop.
  • If you do not receive notice about possible rootkit activity remain on the Rootkit/Malware tab & make sure the 'Show All' button is unticked.
  • Click the Scan button and let the program do its work. GMER/Dakeyras will produce a log.
  • Click on the Save button, and save the log as Dakeyras.txt somewhere you can easily find it, such as your desktop.

DO NOT touch the PC at ALL for Whatever reason/s until it has 100% completed its scan, or attempted scan in case of some error etc !

Please post the results from the GMER/Dakeyras scan in your reply.

Next:

Please make sure that RSIT.exe is still on the Desktop.(if not inform myself straight away please)

  • Double click once on RSIT.exe
  • RSIT will start running, at the disclaimer click on Continue.
  • When done, 1 log will be produced.
  • Post that in your next reply.

When completed the above, please post back the following in the order asked for:

  • How is you computer performing now, any other symptoms and or problems encountered?
  • Dakeyras.txt.
  • A new RSIT Log.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 14th, 2009, 6:18 pm

Hello

I cannot find RSIT.exe on my desktop, I guess I need help again LOL

:) Anne
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 15th, 2009, 7:35 am

Hi :)

OK no problem, if I recall we encountered problems last time with RSIT and its exact location on your computer.

From researching prior logs it appears to be located here:

C:\Documents and Settings\DEFAULT\Local Settings\Temporary Internet Files\Content.IE5\UV0N0SUL\RSIT[1].exe

Not a ideal location and it may no longer be present, so please re-download from here and save it to the Desktop.

Post both the RSIT log(s) and the GMER/Dakeyras log in you next reply please.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 15th, 2009, 8:56 am

Goodmorning :)

Thank you for the link, I will be out for the most part of the day.... the sun is shinning :D

I will continue when I return later.

Bye for now, have a great day.

Anne
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 15th, 2009, 10:20 am

You're welcome!

No problem and thank you for informing myself :thumbup:
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 15th, 2009, 10:41 pm

Goodevening,
Here are my logs as you requested, waiting for news.

Nite :)

**********************************************************

GMER 1.0.15.14939 - http://www.gmer.net
Rootkit scan 2009-03-15 21:33:18
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat VET-FILT.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat VET-REC.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)

---- EOF - GMER 1.0.15 ----
*********************************************************


Logfile of random's system information tool 1.05 (written by random/random)
Run by DEFAULT at 2009-03-15 21:34:00
Microsoft Windows XP Professional Service Pack 2
System drive C: has 62 GB (81%) free of 76 GB
Total RAM: 510 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:34:05 PM, on 3/15/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccschedulersvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CA\eTrust Internet Security Suite\casc.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\DEFAULT\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\DEFAULT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [cctray] C:\Program Files\CA\eTrust Internet Security Suite\casc.exe
O4 - HKLM\..\Run: [CAPPActiveProtection] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe"
O4 - HKLM\..\Run: [CaPPcl] C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAAntiSpyware.exe /scan /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9618271031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5445185281
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB0C6283-2840-409F-BF46-1CC7FE0F639A}: NameServer = 216.252.64.75 216.252.64.76
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccschedulersvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

--
End of file - 9989 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-02-01 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-25 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2009-01-25 657904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2009-01-25 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-02-01 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-02-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2009-01-25 251504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-02-10 155648]
"PRONoMgr.exe"=c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe [2002-10-23 86016]
"CAVRID"=C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe [2008-12-18 271600]
"eTrustPPAP"=C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe []
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [2003-09-01 176128]
"HP Software Update"=C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [2003-06-25 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-10-23 233472]
"DeviceDiscovery"=C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-05-21 229437]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-04-24 54784]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"=C:\Program Files\Google\Gmail Notifier\gnotify.exe [2005-07-15 479232]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-02-01 136600]
"cctray"=C:\Program Files\CA\eTrust Internet Security Suite\casc.exe [2009-03-29 374000]
"CAPPActiveProtection"=C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe [2009-03-29 324848]
"CaPPcl"=C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAAntiSpyware.exe [2009-03-29 570608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-15 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-05 68856]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Documents and Settings\DEFAULT\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-02-10 339968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW]
C:\WINDOWS\system32\UmxWnp.Dll [2007-06-06 79368]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\MSMSGS.EXE"="C:\Program Files\Messenger\MSMSGS.EXE:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\svcho.exe"="C:\WINDOWS\svcho.exe:*:Enabled:enable"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f743dfb-3fe1-11d9-88b1-806d6172696f}]
shell\AutoRun\command - D:\autorun.exe


======List of files/folders created in the last 1 months======

2009-03-29 17:26:14 ----D---- C:\Program Files\Trend Micro
2009-03-14 15:05:13 ----A---- C:\WINDOWS\system32\CF16512.exe
2009-03-14 15:03:43 ----A---- C:\WINDOWS\system32\CF16205.exe
2009-03-14 14:19:35 ----A---- C:\WINDOWS\system32\CF7567.exe
2009-03-14 14:18:43 ----A---- C:\WINDOWS\system32\CF7401.exe
2009-03-14 12:34:53 ----A---- C:\WINDOWS\system32\CF19831.exe
2009-03-14 11:39:42 ----A---- C:\WINDOWS\NIRCMD.exe
2009-03-14 11:39:26 ----D---- C:\WINDOWS\ERDNT
2009-03-14 11:39:23 ----A---- C:\WINDOWS\system32\CF8943.exe
2009-03-14 11:30:46 ----A---- C:\WINDOWS\system32\CF7238.exe
2009-03-14 11:30:35 ----D---- C:\Qoobox
2009-03-11 19:22:14 ----SHD---- C:\FOUND.008
2009-03-05 21:26:42 ----D---- C:\rsit
2009-03-05 00:29:50 ----D---- C:\Documents and Settings\DEFAULT\Application Data\Malwarebytes
2009-03-05 00:29:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-03-05 00:29:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-02-24 19:11:11 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-02-24 19:11:10 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-02-22 22:17:53 ----D---- C:\WINDOWS\pss
2009-02-22 21:30:16 ----A---- C:\WINDOWS\system32\isafprod.dll

======List of files/folders modified in the last 1 months======

2009-03-15 19:31:10 ----A---- C:\WINDOWS\ModemLog_U.S. Robotics V.92 Fax Host Int.txt
2009-03-15 07:57:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-22 23:38:02 ----SH---- C:\boot.ini
2009-02-22 23:38:02 ----A---- C:\WINDOWS\win.ini
2009-02-22 23:38:02 ----A---- C:\WINDOWS\system.ini
2009-02-22 21:32:54 ----A---- C:\caisslog.txt
2009-02-22 21:30:18 ----A---- C:\caavsetupLog.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-03-15 36096]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2006-03-15 14848]
R1 KmxAgent;KmxAgent; C:\WINDOWS\System32\DRIVERS\kmxagent.sys [2008-11-18 72696]
R1 VETEFILE;VET File Scan Engine; C:\WINDOWS\system32\drivers\VETEFILE.sys [2008-12-18 879760]
R1 VETFDDNT;VET Floppy Boot Sector Monitor; C:\WINDOWS\system32\drivers\VETFDDNT.sys [2008-12-18 21488]
R1 VET-FILT;VET File System Filter; C:\WINDOWS\system32\drivers\VET-FILT.sys [2008-12-18 26352]
R1 VETMONNT;VET File Monitor; C:\WINDOWS\system32\drivers\VETMONNT.sys [2008-12-18 161008]
R1 VET-REC;VET File System Recognizer; C:\WINDOWS\system32\drivers\VET-REC.sys [2008-12-18 21104]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-04-24 730092]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2002-09-25 140800]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-15 9600]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\USR_MDMV.sys [2005-08-08 1035008]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\USR_BSC2.sys [2005-08-08 231168]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-10 681469]
R3 KmxCfg;KmxCfg; C:\WINDOWS\System32\DRIVERS\kmxcfg.sys [2008-12-12 205304]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-15 12160]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2006-03-15 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2006-03-15 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2006-03-15 57600]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-15 20480]
R3 VETEBOOT;VET Boot Scan Engine; C:\WINDOWS\system32\drivers\VETEBOOT.sys [2008-12-18 108288]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_USR.sys [2005-08-08 729728]
S3 aujasnkj;aujasnkj; \??\C:\DOCUME~1\DEFAULT\LOCALS~1\Temp\aujasnkj.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-03-15 26496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CAISafe;CAISafe; C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe [2008-12-18 144696]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 ccSchedulerSVC;CA Common Scheduler Service; C:\Program Files\CA\eTrust Internet Security Suite\ccschedulersvc.exe [2009-03-29 128240]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-08-10 194560]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912]
R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe [2008-09-29 283888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-02-01 152984]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-09-22 53248]
R2 UmxAgent;HIPS Event Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2008-12-12 1153528]
R2 UmxCfg;HIPS Configuration Interpreter; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2008-12-10 797176]
R2 UmxPol;HIPS Policy Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2008-12-19 297464]
R2 VETMSGNT;VET Message Service; C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe [2008-12-18 292080]
R3 CaCCProvSP;CaCCProvSP; C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe [2009-03-29 259312]
R3 PPCtlPriv;PPCtlPriv; C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe [2009-03-29 222448]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-25 137200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2006-03-15 14336]
S3 NetSvc;Intel NCS NetService; c:\Program Files\Intel\NCS\Sync\NetSvc.exe [2002-09-27 139264]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2006-03-15 38912]
S4 iPodService;iPodService; C:\Program Files\iPod\bin\iPodService.exe [2006-06-14 323584]

-----------------EOF-----------------
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 15th, 2009, 11:05 pm

oops... forgot this :oops:



GMER 1.0.15.14939 - http://www.gmer.net
Rootkit scan 2009-03-15 21:55:12
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\kmxagent.sys (HIPS Agent Driver/CA) ZwSetInformationProcess [0xEFCA7CE8]

---- Kernel code sections - GMER 1.0.15 ----

.text ntoskrnl.exe!_abnormal_termination + 3DF 804E30B0 4 Bytes CALL DE3DFB31

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\eHome\ehSched.exe[228] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\eHome\ehSched.exe[228] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\eHome\ehSched.exe[228] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\eHome\ehSched.exe[228] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\eHome\ehSched.exe[228] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\eHome\ehSched.exe[228] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[248] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[248] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[248] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[248] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[248] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[248] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\System32\alg.exe[368] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\System32\alg.exe[368] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\System32\alg.exe[368] WS2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\System32\alg.exe[368] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\System32\alg.exe[368] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\System32\alg.exe[368] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[400] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[400] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[400] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[400] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[400] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[400] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe[620] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\spoolsv.exe[792] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\spoolsv.exe[792] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\spoolsv.exe[792] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\spoolsv.exe[792] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\spoolsv.exe[792] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\spoolsv.exe[792] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[852] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[852] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[852] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[852] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[852] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[852] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\ehome\ehtray.exe[1100] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\ehome\ehtray.exe[1100] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\ehome\ehtray.exe[1100] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\ehome\ehtray.exe[1100] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\ehome\ehtray.exe[1100] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\ehome\ehtray.exe[1100] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\svchost.exe[1124] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[1124] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[1124] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[1124] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[1124] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[1124] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\winlogon.exe[1204] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\winlogon.exe[1204] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\winlogon.exe[1204] WS2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\winlogon.exe[1204] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\winlogon.exe[1204] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\winlogon.exe[1204] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\services.exe[1352] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\services.exe[1352] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\services.exe[1352] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\services.exe[1352] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\services.exe[1352] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\services.exe[1352] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\lsass.exe[1412] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\lsass.exe[1412] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\System32\svchost.exe[1444] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\System32\svchost.exe[1444] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\System32\svchost.exe[1444] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\System32\svchost.exe[1444] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\System32\svchost.exe[1444] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\System32\svchost.exe[1444] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100631F8
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10063140
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] WS2_32.dll!send 71AB428A 5 Bytes JMP 10062BA4
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10062404
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10062388
.text C:\Program Files\CA\eTrust Internet Security Suite\casc.exe[1628] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100630F4
.text C:\WINDOWS\system32\svchost.exe[1740] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\svchost.exe[1740] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\svchost.exe[1740] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\svchost.exe[1740] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\svchost.exe[1740] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\svchost.exe[1740] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\eHome\ehRecvr.exe[1952] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100231F8
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10023140
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] WS2_32.dll!send 71AB428A 5 Bytes JMP 10022BA4
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10022404
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10022388
.text C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[2064] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100230F4
.text C:\WINDOWS\system32\dllhost.exe[2568] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\dllhost.exe[2568] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\dllhost.exe[2568] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\dllhost.exe[2568] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\dllhost.exe[2568] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\dllhost.exe[2568] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] WS2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] WS2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] WS2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\Program Files\Google\Gmail Notifier\gnotify.exe[2764] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\Program Files\Java\jre6\bin\jusched.exe[2952] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\WINDOWS\system32\ctfmon.exe[3092] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\WINDOWS\system32\ctfmon.exe[3092] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\WINDOWS\system32\ctfmon.exe[3092] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\WINDOWS\system32\ctfmon.exe[3092] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\WINDOWS\system32\ctfmon.exe[3092] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\WINDOWS\system32\ctfmon.exe[3092] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] kernel32.dll!CreateProcessW 7C802332 5 Bytes JMP 100031F8
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] ws2_32.dll!connect 71AB406A 5 Bytes JMP 10003140
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] ws2_32.dll!send 71AB428A 5 Bytes JMP 10002BA4
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] ws2_32.dll!WSARecv 71AB4318 5 Bytes JMP 10002404
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] ws2_32.dll!recv 71AB615A 5 Bytes JMP 10002388
.text C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe[3620] ws2_32.dll!WSASend 71AB6233 5 Bytes JMP 100030F4

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00BCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00BD04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00BCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00BD0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00BCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00BD04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00BD0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00BCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00BD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00BD0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [00BCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00BCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00BCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[248] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00BCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00A9FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00AA04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00A9FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00AA0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00A9FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00AA04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00AA0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00A9FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00AA06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00AA0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00A9FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00A9FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00A9FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00A9FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00A9F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [009704E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00970300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [009704E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00970300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00970120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [00970300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [009706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0096FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0096FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [0096FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0096F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[852] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0096FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00B3FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00B404E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00B3FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00B40300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00B3FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00B404E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00B40300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00B3FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00B40120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [00B40300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [00B406B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [00B3FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [00B3FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00B3FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00B3F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00B3FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress]
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 15th, 2009, 11:07 pm

the log was sooo.... big, I had to do 2 posts

IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [011D0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [011D04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [011D0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [011D0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [011D04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [011CFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [011D06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [011D0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [011CFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [011CFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [011CF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1204] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [011CFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [00FD0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00FD04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FD0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00FCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00FCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00FCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FD0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00FCFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00FD04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00FD06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00FD0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [00FCFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!LoadLibraryW] [00FCFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00FCFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1352] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00FCF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0109FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [010A04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0109FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [010A0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0109FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [010A04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [010A0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0109FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [010A06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [010A0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0109FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0109FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0109FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0109FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1444] @ c:\windows\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0109F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [008DFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [008E04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [008DFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [008E0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [008DFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [008E04E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [008E0300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [008DFA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [008E06B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [008E0120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [008DFFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [008DFC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [008DFE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1740] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [008DF890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00C704E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00C6FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00C6FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00C70300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00C6FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00C704E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00C70300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00C6FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00C706B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\ws2_32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\wininet.dll [ADVAPI32.dll!CreateProcessAsUserA] [00C70120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryExW] [00C6FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\wininet.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00C6FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00C6FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2568] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00C6F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\explorer.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [100104E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [100104E0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [10010120] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FC10] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010300] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FA00] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [100106B0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [1000FFA0] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\explorer.exe[4004] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FE20] C:\Program Files\CA\SharedComponents\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat VET-FILT.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)
AttachedDevice \FileSystem\Fastfat \Fat VET-REC.SYS (CA Antivirus File Protection Driver/Computer Associates International, Inc.)

---- EOF - GMER 1.0.15 ----
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby Dakeyras » March 16th, 2009, 7:39 am

Hi :)

Reboot(restart) your computer please. Make sure you do this Anne OK.

Next:

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2
Link 3

Image

Image
--------------------------------------------------------------------

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
Right click on CA Antivirus icon near the clock (a shield).
Click on CA Anti-Virus > Snooze Anti-Virus Protection.
When prompted, enter in 30 and click on Snooze.

Double click on Combo-Fix.exe & follow the prompts.
    When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a HijackThis log so we can continue cleaning the system.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

When completed the above, please post back the following in the order asked for:

  • Any problems encountered and or further symptoms ?
  • ComboFix Log.
  • A new HijackThis Log.
User avatar
Dakeyras
MRU Honors Graduate
MRU Honors Graduate
 
Posts: 8804
Joined: November 21st, 2007, 5:30 am
Location: The Tundra

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 16th, 2009, 8:53 pm

Goodevening :)


I did as you requested, here are a copy of my logs, hopefully you will have good news for me.... ;)

Anne


ComboFix 09-03-15.01 - DEFAULT 2009-03-16 19:11:23.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.182 [GMT -5:00]
Running from: c:\documents and settings\DEFAULT\Desktop\Combo-Fix.exe
AV: CA Anti-Virus *On-access scanning enabled* (Outdated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\syssvc.exe
c:\windows\system\oeminfo.ini

.
((((((((((((((((((((((((( Files Created from 2009-02-16 to 2009-03-16 )))))))))))))))))))))))))))))))
.

2009-03-29 17:26 . 2009-03-29 17:26 <DIR> d-------- c:\program files\Trend Micro
2009-03-13 09:39 . 2009-03-13 09:39 54,156 --ah----- c:\windows\QTFont.qfn
2009-03-13 09:39 . 2009-03-13 09:39 1,409 --a------ c:\windows\QTFont.for
2009-03-11 19:22 . 2009-03-11 19:22 <DIR> d--hs---- C:\FOUND.008
2009-03-05 21:26 . 2009-03-05 21:26 <DIR> d-------- C:\rsit
2009-03-05 00:29 . 2009-03-05 00:29 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-03-05 00:29 . 2009-03-05 00:29 <DIR> d-------- c:\documents and settings\DEFAULT\Application Data\Malwarebytes
2009-03-05 00:29 . 2009-03-05 00:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-03-05 00:29 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-03-05 00:29 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-24 19:11 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-24 19:11 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-22 21:30 . 2008-12-18 15:14 879,760 --a------ c:\windows\system32\drivers\vetefile.sys
2009-02-22 21:30 . 2008-12-18 15:14 161,008 --a------ c:\windows\system32\drivers\vetmonnt.sys
2009-02-22 21:30 . 2008-12-18 15:14 111,856 --a------ c:\windows\system32\isafprod.dll
2009-02-22 21:30 . 2008-12-18 15:14 108,288 --a------ c:\windows\system32\drivers\veteboot.sys
2009-02-22 21:30 . 2008-12-18 15:14 26,352 --a------ c:\windows\system32\drivers\vet-filt.sys
2009-02-22 21:30 . 2008-12-18 15:14 21,488 --a------ c:\windows\system32\drivers\vetfddnt.sys
2009-02-22 21:30 . 2008-12-18 15:14 21,104 --a------ c:\windows\system32\drivers\vet-rec.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-01 21:33 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-01 21:33 --------- d-----w c:\program files\Java
2008-12-18 20:14 99,568 ----a-w c:\windows\system32\ISafeIf.dll
2008-12-18 20:14 83,256 ----a-w c:\windows\system32\VetRedir.dll
2008-11-02 18:44 11,148 ----a-w c:\documents and settings\DEFAULT\Application Data\wklnhst.dat
2007-06-16 03:02 59,056 ----a-w c:\documents and settings\DEFAULT\Application Data\GDIPFONTCACHEV1.DAT
2007-01-01 07:13 0 ----a-w c:\documents and settings\Donald\Application Data\wklnhst.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-03-15 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-05 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-02-10 155648]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2002-10-23 86016]
"CAVRID"="c:\program files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe" [2008-12-18 271600]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128]
"HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472]
"DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-01 136600]
"cctray"="c:\program files\CA\eTrust Internet Security Suite\casc.exe" [2009-03-29 374000]
"CAPPActiveProtection"="c:\program files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe" [2009-03-29 324848]
"CaPPcl"="c:\program files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAAntiSpyware.exe" [2009-03-29 570608]
"SoundMan"="SOUNDMAN.EXE" [2003-04-24 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-15 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-26 434528]

c:\documents and settings\DEFAULT\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2006-08-05 114688]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2007-06-06 15:46 79368 c:\windows\system32\UmxWNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"= c:\windows\system32\..\fucxt.iye

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ComputerAssociatesAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\MSMSGS.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

R0 KmxStart;KmxStart;c:\windows\system32\drivers\KmxStart.sys [2009-01-05 107512]
R1 KmxAgent;KmxAgent;c:\windows\system32\drivers\KmxAgent.sys [2008-11-18 72696]
R2 ccSchedulerSVC;CA Common Scheduler Service;c:\program files\CA\eTrust Internet Security Suite\ccschedulersvc.exe [2009-02-15 128240]
R2 UmxAgent;HIPS Event Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2008-12-12 1153528]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2008-12-10 797176]
R2 UmxPol;HIPS Policy Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2008-12-19 297464]
R3 KmxCfg;KmxCfg;c:\windows\system32\drivers\KmxCfg.sys [2008-12-12 205304]
R3 PPCtlPriv;PPCtlPriv;c:\program files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe [2009-02-15 222448]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f743dfb-3fe1-11d9-88b1-806d6172696f}]
\Shell\AutoRun\command - D:\autorun.exe
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-eTrustPPAP - c:\program files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\VetRedir.dll
TCP: {CB0C6283-2840-409F-BF46-1CC7FE0F639A} = 216.252.64.75 216.252.64.76
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-16 19:13:49
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-568730901-4070995279-2856520603-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1204)
c:\windows\system32\UmxWnp.Dll
c:\program files\CA\SharedComponents\PPRT\bin\CACheck.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAHook.dll
c:\program files\CA\SharedComponents\PPRT\bin\CAServer.dll

- - - - - - - > 'lsass.exe'(1412)
c:\windows\system32\VetRedir.dll
c:\windows\system32\ISafeIf.dll
.
Completion time: 2009-03-16 19:15:23
ComboFix-quarantined-files.txt 2009-03-17 00:15:22

Pre-Run: 64,603,324,416 bytes free
Post-Run: 65,619,525,632 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

148


*********************************************

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:38 PM, on 3/16/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccschedulersvc.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O1 - Hosts: 195.245.119.131 browser-security.microsoft.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\CAVRID.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [cctray] C:\Program Files\CA\eTrust Internet Security Suite\casc.exe
O4 - HKLM\..\Run: [CAPPActiveProtection] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAPPActiveProtection.exe"
O4 - HKLM\..\Run: [CaPPcl] C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\CAAntiSpyware.exe /scan /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://www.ca.com/securityadvisor/pestscan/pestscan.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9618271031
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5445185281
O17 - HKLM\System\CCS\Services\Tcpip\..\{CB0C6283-2840-409F-BF46-1CC7FE0F639A}: NameServer = 216.252.64.75 216.252.64.76
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\ISafe.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Computer Associates International, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\ccschedulersvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - c:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPCtlPriv.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\eTrust Internet Security Suite\eTrust EZ Antivirus\VetMsg.exe

--
End of file - 9938 bytes
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm

Re: Spyware SillyBHO CJ .. Win32/SillyBHO.CJ [CA AV]

Unread postby anvosm » March 16th, 2009, 10:11 pm

Hi, me again,

After I posted my logs, I took a break and then came back and restarted my computer. My anti-spyware scan started and said I had 3 anti-spyware, this has not happened for quite some time.

I have copied my CA anti-spyware log and posted it below, I do hope that I am not having more difficulities.

Will await your reply in the morning.

Thanks
Anne

PS: I did delete the spyware immediately

*************************************************

CA Anti-Spyware Quarantined Spyware Report
This report was generated on: 3/16/2009-9:01:09 PM

3/16/2009 8:58:36 PM <<20090317015836>>
(0) KaZaA
hkey_users \s-1-5-21-568730901-4070995279-2856520603-1003\software\kazaa

() Bifrost
hkey_users \s-1-5-21-568730901-4070995279-2856520603-1003\software\wget

() WinSpywareProtect
hkey_users \s-1-5-21-568730901-4070995279-2856520603-1003\software\microsoft\windows\currentversion\drivers

3/16/2009 8:58:36 PM <<20090317015836>>
***End Report***
anvosm
Regular Member
 
Posts: 45
Joined: March 1st, 2009, 7:05 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 296 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware