Solved Search Redirect Virus Help Needed

amg123

Hi, it looks like I have the search redirect virus (affecting all search sites I visit), and have tried MBAM, SuperAntiSpyware, and McAfee AntiVirus -- none have helped.
MBAM made it go away for a few hours, but it came back.

Below are the logs from MBAM and DDS. The GMER log is too big to fit into one post and too big for one attachment, so I am following up with the GMER log split into two attachments in the next post.

Thanks in advance!


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/16/2010 4:03:31 PM
mbam-log-2010-10-16 (16-03-31).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 211320
Time elapsed: 1 hour(s), 25 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{afd4ad01-58c1-47db-a404-fbe00a6c5486} (Trojan.BHO) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Shared\lib.sig (Adware.Deepdive) -> No action taken.



DDS (Ver_10-10-10.03) - NTFSx86
Run by Andre at 8:58:55.59 on Sun 10/17/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.385 [GMT -5:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\UStorSrv.exe
C:\WINDOWS\system32\dllhost.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\NetWaiting\netWaiting.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Andre\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.comcast.net?cid=NET_mmhpset
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060912
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - c:\program files\comcasttb\comcastdx.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Comcast Toolbar: {79ceea4e-c231-4614-9e3b-53b2a02f39b7} - c:\program files\comcasttb\comcastdx.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ModemOnHold] c:\program files\netwaiting\netWaiting.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [EasyLinkAdvisor] "c:\program files\linksys easylink advisor\LinksysAgent.exe" /startup
uRun: [ComcastAntispyClient] "c:\program files\comcasttb\comcastspywarescan\ComcastAntispy.exe" /hide
uRun: [Google Update] "c:\documents and settings\andre\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [Dell QuickSet] c:\program files\dell\quickset\quickset.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [<NO NAME>]
mRun: [QuickFinder Scheduler] "c:\program files\wordperfect office x3\programs\QFSCHD130.EXE"
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] "c:\program files\scansoft\paperport\pptd40nt.exe"
mRun: [IndexSearch] "c:\program files\scansoft\paperport\IndexSearch.exe"
mRun: [PPort11reminder] "c:\program files\scansoft\paperport\ereg\ereg.exe" -r "c:\documents and settings\all users\application data\scansoft\paperport\11\config\ereg\Ereg.ini"
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-100000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {15E31F81-702C-48F8-97B1-75AE9155B5E3} - hxxps://remote.lw.com/TSWebCtl.CAB
DPF: {30439117-02CA-4FBA-ADAF-84C2D8E2004D} - hxxps://remote.lw.com/v3rdpchk.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www1.snapfish.com/SnapfishActivia.cab
DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www1.snapfish.com/SnapfishActivia3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Filter: text/html - {26e86495-885c-4534-af34-09236e637dfa} -
Notify: igfxcui - igfxdev.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-5-13 214664]
R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\comcastspywarescan\ComcastAntiSpyService.exe [2009-6-17 616408]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2010-10-13 359952]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2010-10-13 144704]
R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [2008-1-18 9161]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2010-10-13 606736]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2010-10-13 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2010-10-13 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2010-10-13 40552]
RUnknown SASDIFSV;SASDIFSV; [x]
RUnknown SASKUTIL;SASKUTIL; [x]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-5 135664]
S2 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [2008-1-18 114016]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2010-10-13 34248]

=============== Created Last 30 ================

2010-10-16 19:23:15 -------- d-----w- c:\docume~1\andre\applic~1\Malwarebytes
2010-10-16 19:18:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-16 19:18:26 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-16 19:18:26 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-10-16 19:18:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-14 17:40:58 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-14 17:40:57 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-14 17:40:57 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-14 17:40:44 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-14 00:33:41 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-10-14 00:33:41 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2010-10-14 00:33:41 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-10-14 00:33:28 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2010-10-14 00:31:57 -------- d-----w- c:\program files\common files\McAfee
2010-10-14 00:31:53 -------- d-----w- c:\program files\McAfee.com
2010-10-14 00:31:18 -------- d-----w- c:\program files\McAfee
2010-10-14 00:30:00 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2010-10-13 04:40:23 -------- d-----w- c:\docume~1\andre\locals~1\applic~1\Scansoft
2010-10-13 03:37:13 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-10-12 01:29:43 -------- d-----w- C:\QUARANTINE
2010-10-11 17:19:47 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE
2010-10-11 17:19:47 45056 ----a-w- c:\windows\system32\BRSS01A.EXE
2010-10-11 17:15:30 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
2010-10-11 17:15:30 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
2010-10-11 17:15:30 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
2010-10-11 17:15:30 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
2010-10-11 17:15:30 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
2010-10-11 17:15:29 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
2010-10-11 17:15:29 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
2010-10-08 22:34:45 -------- d-----r- c:\docume~1\andre\applic~1\Brother
2010-10-08 22:12:19 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2010-10-08 22:12:19 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2010-10-08 22:09:59 131072 ----a-w- c:\windows\brunin03.dll
2010-10-08 22:09:59 -------- d-----w- c:\program files\Brother
2010-10-08 22:06:07 -------- d-----w- c:\program files\Nuance
2010-10-08 22:03:01 -------- d-----w- c:\program files\common files\ScanSoft Shared
2010-10-08 22:02:40 -------- d-----w- c:\program files\ScanSoft
2010-10-08 22:00:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\Brother
2010-10-01 22:33:52 -------- d-----w- c:\docume~1\andre\applic~1\Jaran Nilsen
2010-10-01 22:33:38 -------- d-----w- c:\program files\iTunes Agent

==================== Find3M ====================

2010-09-18 17:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-14 18:35:39 5798 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-10 10:15:58 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-08-10 10:15:58 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-07-27 23:44:10 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-07-27 23:44:10 197920 ----a-w- c:\windows\system32\dnssdX.dll
2010-07-27 23:44:10 107808 ----a-w- c:\windows\system32\dns-sd.exe

============= FINISH: 9:00:40.42 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-10-10.03)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/18/2006 6:40:27 PM
System Uptime: 10/17/2010 8:46:24 AM (1 hours ago)

Motherboard: Dell Inc. | | 0KD882
Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | Microprocessor | 1595/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 4.773 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 12.47 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 10/12/2010 11:40:17 PM - System Checkpoint
RP2: 10/13/2010 7:28:45 PM - Removed McAfee VirusScan Enterprise
RP3: 10/14/2010 8:02:16 PM - System Checkpoint
RP4: 10/14/2010 9:48:24 PM - Software Distribution Service 3.0
RP5: 10/16/2010 9:50:46 PM - System Checkpoint

==== Installed Programs ======================

3300 Software Uninstall
ABBYY FineReader 6.0 Sprint
Adobe Acrobat 7.0 Standard
Adobe Acrobat 7.1.0 Standard
Adobe Flash Player 10 ActiveX
Adobe Reader 7.0.8
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATT-PRT22
Bonjour
Broadcom Management Programs
Brother BRAdmin Light 1.12
Brother Driver Deployment Wizard
Brother MFL-Pro Suite
CA Pest Patrol Realtime Protection
Citrix ICA Client
Citrix ICA Client ( Accessories )
Citrix XenApp Plugin for Hosted Apps
Comcast Desktop Software (v1.2.0.9)
Comcast High-Speed Internet Install Wizard
Comcast Toolbar 3.0
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Corel Paint Shop Pro Photo XI
Corel WordPerfect Office - iFilter
Dell Digital Jukebox Driver
Dell Support 3.1
Dell System Restore
Dell Wireless WLAN Card
DellConnect
Desktop Doctor
Digital Content Portal
Digital Line Detect
Documentation & Support Launcher
Drivers Install For Linksys Easylink Advisor
EarthLink setup files
EducateU
ELIcon
ESPNMotion
Games, Music, & Photos Launcher
GemMaster Mystic
Google Chrome
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
Hotfix 2055 for SQL Server 2000 ENU (KB960082)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Imation Disk Manager V a Service
Intel(R) Graphics Media Accelerator Driver
Internet Dialer
Internet Service Offers Launcher
iTunes
iTunes Agent 1.3.3
J2SE Runtime Environment 5.0 Update 6
Jasc Paint Shop Photo Album 5
Jasc Paint Shop Pro Studio, Dell Editon
Juniper Terminal Services Client
Learn2 Player (Uninstall Only)
Linksys EasyLink Advisor 1.6 (0032)
LiveUpdate 2.6 (Symantec Corporation)
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Outlook 2003 with Business Contact Manager Update
Microsoft Office Professional Edition 2003
Microsoft Office Small Business Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Helper
Move Networks Media Player for Internet Explorer
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
NetWaiting
NetZeroInstallers
Nortel Networks Contivity VPN Client
Otto
PaperPort Image Printer
PowerDVD 5.7
QuickSet
QuickTime
RealPlayer Basic
ScanSoft PaperPort 11
ScrewDrivers Client v3
SearchAssist
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic DLA
Sonic Encoders
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB972636)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
v3 RDP Only Web Push (nstl chk)
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
WinAVI Video Converter
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB908250
Windows XP Media Center Edition 2005 KB912067
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WordPerfect Office 2002 Professional
WordPerfect Office X3

==== Event Viewer Messages From Past Week ========

10/16/2010 8:04:27 PM, error: Service Control Manager [7034] - The McciCMService service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:27 PM, error: Service Control Manager [7034] - The CA Pest Patrol Realtime Protection Service service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:27 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:26 PM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:26 PM, error: Service Control Manager [7034] - The Comcast AntiSpyware service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:26 PM, error: Service Control Manager [7034] - The BrSplService service terminated unexpectedly. It has done this 1 time(s).
10/16/2010 8:04:26 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/16/2010 1:44:54 PM, error: System Error [1003] - Error code 00000024, parameter1 001902fe, parameter2 f7a380b4, parameter3 f7a37db0, parameter4 85f50852.
10/11/2010 7:59:27 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
10/11/2010 12:11:25 PM, error: Print [6161] - The document Microsoft Word - New wireless key.doc owned by Andre failed to print on printer Brother MFC-7840W Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BUBBLE. Win32 error code returned by the print processor: 123 (0x7b).
10/11/2010 12:11:05 PM, error: Print [6161] - The document Microsoft Word - Quebec.doc owned by Andre failed to print on printer Brother MFC-7840W Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 65536. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BUBBLE. Win32 error code returned by the print processor: 123 (0x7b).
10/11/2010 10:38:21 AM, error: Print [6161] - The document Microsoft Word - New wireless key.doc owned by Andre failed to print on printer Brother MFC-7840W Printer. Data type: NT EMF 1.008. Size of the spool file in bytes: 7752. Number of bytes printed: 0. Total number of pages in the document: 1. Number of pages printed: 0. Client machine: \\BUBBLE. Win32 error code returned by the print processor: 123 (0x7b).
10/11/2010 1:37:59 PM, error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\D.
10/11/2010 1:23:12 PM, error: Service Control Manager [7034] - The Network Associates McShield service terminated unexpectedly. It has done this 1 time(s).
10/11/2010 1:06:36 PM, error: Service Control Manager [7016] - The BrSplService service has reported an invalid current state 0.

==== End Of File ===========================
 
The GMER Logs are attached

It was too big for one attachment so I split it into two.
 

Attachments

  • GMER Part 2.txt (107.9 KB)
  • GMER Part 1.txt (108.5 KB)

Your MBAM log says "No action taken" after each line.
Please re-run it, FIX all issues and post a new log.

==========================================================================

If you need to split some log(s) into more than 2 replies, please do so.
It'll save me some time, so I don't have to do it for you.

=========================================================================

GMER 1.0.15.15319 - http://www.gmer.net
Rootkit scan 2010-10-17 11:58:58
Windows 5.1.2600 Service Pack 3
Running: 3zxt5rnq.exe; Driver: C:\DOCUME~1\Andre\LOCALS~1\Temp\pwtdqpoc.sys


---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\Explorer.EXE[1004] kernel32.dll!CreateProcessInternalW 7C8197B0 5 Bytes JMP 00B485CB

---- User IAT/EAT - GMER 1.0.15 ----

 
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[400] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[820] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00FDFB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00FE0740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FE0560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00FDFB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00FDFB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00FE0740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FE0560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00FDFB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00FE0910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00FE01B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00FDFB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00FDFD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00FDF890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00FDFFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[856] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [00FDFA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [10010380] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1304] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\winlogon.exe[1668] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[1720] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1976] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\dllhost.exe[2072] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\msiexec.exe[2552] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

Device \FileSystem\Fastfat \Fat A8AB9D20
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- EOF - GMER 1.0.15 ----
 
New MBAM Log

Thanks for your help. The new MBAM log is below.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10/17/2010 8:26:02 PM
mbam-log-2010-10-17 (20-26-02).txt

Scan type: Quick scan
Objects scanned: 138355
Time elapsed: 18 minute(s), 27 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
 
Good :)

Download MBRCheck to your desktop

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop
Open this report and post its content in your next reply.
 
MBRCheck Log - Thanks!

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 154):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7AFD000 \WINDOWS\system32\KDCOM.DLL
0xF7A0D000 \WINDOWS\system32\BOOTVID.dll
0xF74CE000 ACPI.sys
0xF7AFF000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF74BD000 pci.sys
0xF75FD000 isapnp.sys
0xF7A11000 compbatt.sys
0xF7A15000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7BC5000 pciide.sys
0xF787D000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF760D000 MountMgr.sys
0xF749E000 ftdisk.sys
0xF7478000 dmio.sys
0xF7885000 PartMgr.sys
0xF761D000 VolSnap.sys
0xF7460000 atapi.sys
0xF762D000 disk.sys
0xF763D000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7440000 fltmgr.sys
0xF742E000 sr.sys
0xF7419000 drvmcdb.sys
0xF7402000 KSecDD.sys
0xF7375000 Ntfs.sys
0xF7348000 NDIS.sys
0xF764D000 ohci1394.sys
0xF765D000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF732E000 Mup.sys
0xF76FD000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF784D000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7AE1000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF6DFC000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF6DE8000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6DC0000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF6D58000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xF798D000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6D34000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7995000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF785D000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xF6D20000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF799D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF786D000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xF6CD4000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xF767D000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF6CA5000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7B29000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF79A5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79AD000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF768D000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7B2B000 \SystemRoot\system32\drivers\sscdbhk5.sys
0xF769D000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF76AD000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6C82000 \SystemRoot\system32\DRIVERS\ks.sys
0xF79B5000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7B2D000 \SystemRoot\system32\DRIVERS\serscan.sys
0xF7BE0000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF76BD000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7AF5000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6C6B000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF76CD000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF76DD000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF79BD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6C5A000 \SystemRoot\system32\DRIVERS\psched.sys
0xF76ED000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF79C5000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF79CD000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF72FA000 \SystemRoot\system32\DRIVERS\eacfilt.sys
0xF6C3F000 \SystemRoot\system32\DRIVERS\ipsecw2k.sys
0xF6C0F000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF770D000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7B2F000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6B11000 \SystemRoot\system32\DRIVERS\update.sys
0xF72F2000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF79D5000 \SystemRoot\system32\DRIVERS\omci.sys
0xF771D000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA667000 \SystemRoot\system32\drivers\sthda.sys
0xAA643000 \SystemRoot\system32\drivers\portcls.sys
0xF773D000 \SystemRoot\system32\drivers\drmk.sys
0xAA611000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xAA514000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xAA464000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF79DD000 \SystemRoot\System32\Drivers\Modem.SYS
0xF774D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7AC1000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7B3D000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7CEC000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B3F000 \SystemRoot\System32\Drivers\Beep.SYS
0xF79ED000 \SystemRoot\system32\drivers\ssrtln.sys
0xF79F5000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF79FD000 \SystemRoot\System32\drivers\vga.sys
0xF7B41000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B43000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7A05000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF7895000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7AC9000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAA052000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9FF9000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9FD2000 \SystemRoot\System32\Drivers\Mpfp.sys
0xA9FAC000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF775D000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0xA9F84000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9F62000 \SystemRoot\System32\drivers\afd.sys
0xF776D000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA9F37000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9EC7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA9E94000 \SystemRoot\system32\drivers\mfehidk.sys
0xF778D000 \SystemRoot\System32\Drivers\Fips.SYS
0xF779D000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF77AD000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xF6AF5000 \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS
0xF77CD000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA9DB4000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7B51000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA330000 \SystemRoot\System32\drivers\Dxapi.sys
0xF78AD000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7BE2000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF042000 \SystemRoot\System32\ialmdev5.DLL
0xBF077000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xF6B9F000 \SystemRoot\system32\drivers\drvnddm.sys
0xF7C1B000 \SystemRoot\system32\dla\tfsndres.sys
0xA9C5E000 \SystemRoot\system32\dla\tfsnifs.sys
0xA9D84000 \SystemRoot\system32\dla\tfsnopio.sys
0xF7B5B000 \SystemRoot\system32\dla\tfsnpool.sys
0xF78C5000 \SystemRoot\system32\dla\tfsnboio.sys
0xF6B8F000 \SystemRoot\system32\dla\tfsncofs.sys
0xF7C1C000 \SystemRoot\system32\dla\tfsndrct.sys
0xA9C45000 \SystemRoot\system32\dla\tfsnudf.sys
0xA9C2C000 \SystemRoot\system32\dla\tfsnudfa.sys
0xF78DD000 \SystemRoot\system32\DRIVERS\elagopro.sys
0xA9C94000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA99A7000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7B8D000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xF7B91000 \SystemRoot\system32\DRIVERS\elaunidr.sys
0xA9786000 \SystemRoot\System32\Drivers\HTTP.sys
0xA963E000 \SystemRoot\system32\DRIVERS\srv.sys
0xA94AA000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xF793D000 \SystemRoot\system32\drivers\mfebopk.sys
0xA8D1C000 \SystemRoot\system32\drivers\mfeavfk.sys
0xA9B0C000 \SystemRoot\system32\drivers\mfesmfk.sys
0xA8BEF000 \SystemRoot\system32\drivers\wdmaud.sys
0xA9D04000 \SystemRoot\system32\drivers\sysaudio.sys
0xF7B27000 \SystemRoot\system32\drivers\splitter.sys
0xA8BCC000 \SystemRoot\system32\drivers\aec.sys
0xA8C44000 \SystemRoot\system32\drivers\swmidi.sys
0xA930E000 \SystemRoot\system32\drivers\DMusic.sys
0xA8BA1000 \SystemRoot\system32\drivers\kmixer.sys
0xF7C04000 \SystemRoot\system32\drivers\drmkaud.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 80):
0 System Idle Process
4 System
1604 C:\WINDOWS\system32\smss.exe
1656 csrss.exe
1680 C:\WINDOWS\system32\winlogon.exe
1732 C:\WINDOWS\system32\services.exe
1744 C:\WINDOWS\system32\lsass.exe
1948 C:\WINDOWS\system32\svchost.exe
1996 svchost.exe
316 C:\WINDOWS\system32\svchost.exe
488 svchost.exe
880 svchost.exe
1052 C:\WINDOWS\system32\WLTRYSVC.EXE
1064 C:\WINDOWS\system32\BCMWLTRY.EXE
1220 C:\WINDOWS\system32\BRSVC01A.EXE
1236 C:\WINDOWS\system32\spoolsv.exe
1280 C:\WINDOWS\system32\BRSS01A.EXE
1348 svchost.exe
1400 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
1432 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1464 C:\Program Files\Bonjour\mDNSResponder.exe
1484 C:\WINDOWS\ehome\ehrecvr.exe
1524 C:\WINDOWS\ehome\ehSched.exe
492 C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
544 C:\Program Files\Common Files\Motive\McciCMService.exe
752 C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
784 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
868 C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
908 C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
1116 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1360 C:\Program Files\McAfee\MPF\MpfSrv.exe
1476 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
1636 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
1896 C:\WINDOWS\system32\PSIService.exe
2072 locator.exe
2112 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
2236 svchost.exe
2264 C:\WINDOWS\system32\svchost.exe
2440 C:\WINDOWS\system32\UStorSrv.exe
2984 mcrdsvc.exe
3420 wmiprvse.exe
3908 C:\WINDOWS\system32\dllhost.exe
2680 alg.exe
2356 C:\WINDOWS\system32\svchost.exe
3012 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
1044 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
3384 C:\WINDOWS\explorer.exe
2360 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
3876 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
608 C:\WINDOWS\stsystra.exe
620 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
2232 C:\WINDOWS\system32\igfxpers.exe
2904 C:\WINDOWS\system32\hkcmd.exe
2576 C:\WINDOWS\ehome\ehtray.exe
3948 C:\WINDOWS\system32\igfxsrvc.exe
2652 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
260 C:\WINDOWS\system32\dla\tfswctrl.exe
3644 C:\WINDOWS\ehome\ehmsas.exe
3256 C:\Program Files\Dell\QuickSet\quickset.exe
3332 C:\WINDOWS\system32\ctfmon.exe
3008 C:\WINDOWS\system32\WLTRAY.EXE
1144 C:\WINDOWS\system32\msiexec.exe
208 C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
368 C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
3432 C:\Program Files\iTunes\iTunesHelper.exe
3884 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
1900 C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
3720 C:\Program Files\NetWaiting\netwaiting.exe
3816 C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
2408 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2296 C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
2096 C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
896 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
3960 C:\Program Files\Digital Line Detect\DLG.exe
3920 C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
760 C:\Program Files\iPod\bin\iPodService.exe
3800 C:\Documents and Settings\Andre\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3272 C:\Documents and Settings\Andre\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
1156 C:\Documents and Settings\Andre\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
3680 C:\Documents and Settings\Andre\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000009`53198a00 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS541060G9SA00, Rev: MB3OC60R

Size Device Name MBR Status
--------------------------------------------
54 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 86489E3B39BA71CCD7428B67894DE6732DFFF0C8


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!
 
Your MBR seems to be infected.

Please download NTBR by noahdfear and save it to your Desktop.
File size: 2.44 MB (2,565,432 bytes)

  • Place a blank CD in your CD drive.
  • Double click on NTBR_CD.exe file and a folder of the same name will appear.
  • Open the folder and double click on the BurnItCD.cmd file. If your CD drive opens, simply close it again.
  • Follow the prompts to burn the CD.
  • Now you will need to set the CD-Rom as first boot device if it isn't already (if you don't know how to do it, see HERE)
  • If you have any questions about this step, ask before you proceed. If you enter the BIOS and are unsure if you have carried out the step correctly, there should be an option to exit without keeping changes, so you won't do any harm.
  • Insert the newly created CD into your infected PC and reboot your computer.
  • Once you have rebooted please press Enter when prompted to continue booting from CD - you have a whole 15 seconds to do this!
  • Read the warning and then continue as prompted.
  • You first need to select your keyboard layout - press Enter for English.
  • Next you want to select the appropriate tool. Enter 1 to choose 1. MBRWORK
  • On the following screen enter 5 to select Install Standard MBR code.
  • Enter 1 to overwrite the infected MBR Code with the Standard MBR code.
  • When asked to confirm please do so.
  • Afterwards, please enter E to leave MBRWORK, then 6 to leave the bootable CD.
  • Eject the disc and then press ctrl+alt+del to reboot the PC.
Once rebooted, run MBRCheck again and post its log.
 
New MBRCheck Log

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c

Kernel Drivers (total 148):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806E4000 \WINDOWS\system32\hal.dll
0xF7AFD000 \WINDOWS\system32\KDCOM.DLL
0xF7A0D000 \WINDOWS\system32\BOOTVID.dll
0xF74CE000 ACPI.sys
0xF7AFF000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF74BD000 pci.sys
0xF75FD000 isapnp.sys
0xF7A11000 compbatt.sys
0xF7A15000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7BC5000 pciide.sys
0xF787D000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF760D000 MountMgr.sys
0xF749E000 ftdisk.sys
0xF7478000 dmio.sys
0xF7885000 PartMgr.sys
0xF761D000 VolSnap.sys
0xF7460000 atapi.sys
0xF762D000 disk.sys
0xF763D000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF7440000 fltmgr.sys
0xF742E000 sr.sys
0xF7419000 drvmcdb.sys
0xF7402000 KSecDD.sys
0xF7375000 Ntfs.sys
0xF7348000 NDIS.sys
0xF764D000 ohci1394.sys
0xF765D000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF732E000 Mup.sys
0xF771D000 \SystemRoot\system32\DRIVERS\nic1394.sys
0xF767D000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF7AF1000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF6E1E000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF6E0A000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF6DE2000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xF6D7A000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xF798D000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF6D56000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF7995000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF768D000 \SystemRoot\system32\DRIVERS\bcm4sbxp.sys
0xF6D42000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF799D000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xF769D000 \SystemRoot\system32\DRIVERS\rimsptsk.sys
0xF6CF6000 \SystemRoot\system32\DRIVERS\rixdptsk.sys
0xF76AD000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF6CC7000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7B2D000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF79A5000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF79AD000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF76BD000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF7B2F000 \SystemRoot\system32\drivers\sscdbhk5.sys
0xF76CD000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF76DD000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF6CA4000 \SystemRoot\system32\DRIVERS\ks.sys
0xF79B5000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xF7B31000 \SystemRoot\system32\DRIVERS\serscan.sys
0xF7BEB000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF76ED000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF7302000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF6C8D000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF76FD000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF770D000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF79BD000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xF6C7C000 \SystemRoot\system32\DRIVERS\psched.sys
0xF772D000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF79C5000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF79CD000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF72F2000 \SystemRoot\system32\DRIVERS\eacfilt.sys
0xF6C61000 \SystemRoot\system32\DRIVERS\ipsecw2k.sys
0xF6C31000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xF773D000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7B33000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF6B33000 \SystemRoot\system32\DRIVERS\update.sys
0xF6F90000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF79D5000 \SystemRoot\system32\DRIVERS\omci.sys
0xF775D000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xAA667000 \SystemRoot\system32\drivers\sthda.sys
0xAA643000 \SystemRoot\system32\drivers\portcls.sys
0xF777D000 \SystemRoot\system32\drivers\drmk.sys
0xAA4E1000 \SystemRoot\system32\DRIVERS\HSFHWAZL.sys
0xAA3E4000 \SystemRoot\system32\DRIVERS\HSF_DPV.sys
0xAA334000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF79DD000 \SystemRoot\System32\Drivers\Modem.SYS
0xF778D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7ADD000 \SystemRoot\System32\Drivers\i2omgmt.SYS
0xF7B45000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7D14000 \SystemRoot\System32\Drivers\Null.SYS
0xF7B47000 \SystemRoot\System32\Drivers\Beep.SYS
0xF79F5000 \SystemRoot\system32\drivers\ssrtln.sys
0xF79FD000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF7A05000 \SystemRoot\System32\drivers\vga.sys
0xF7B49000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7B4B000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF7895000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF790D000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7AE5000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAA052000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xA9FF9000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xA9FD2000 \SystemRoot\System32\Drivers\Mpfp.sys
0xA9FAC000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF779D000 \SystemRoot\system32\DRIVERS\ipfltdrv.sys
0xA9F84000 \SystemRoot\system32\DRIVERS\netbt.sys
0xA9F62000 \SystemRoot\System32\drivers\afd.sys
0xF77AD000 \SystemRoot\system32\DRIVERS\netbios.sys
0xA9F37000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xA9EC7000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xA9E94000 \SystemRoot\system32\drivers\mfehidk.sys
0xF77CD000 \SystemRoot\System32\Drivers\Fips.SYS
0xF77DD000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF77ED000 \SystemRoot\system32\DRIVERS\arp1394.sys
0xF7AA1000 \SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS
0xF783D000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA9DB4000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF7B57000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA304000 \SystemRoot\System32\drivers\Dxapi.sys
0xF78D5000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7C3F000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF042000 \SystemRoot\System32\ialmdev5.DLL
0xBF077000 \SystemRoot\System32\ialmdd5.DLL
0xBFFA0000 \SystemRoot\System32\ATMFD.DLL
0xA9E4C000 \SystemRoot\system32\drivers\drvnddm.sys
0xF7BD7000 \SystemRoot\system32\dla\tfsndres.sys
0xA9C5E000 \SystemRoot\system32\dla\tfsnifs.sys
0xA9D88000 \SystemRoot\system32\dla\tfsnopio.sys
0xF7B79000 \SystemRoot\system32\dla\tfsnpool.sys
0xF78E5000 \SystemRoot\system32\dla\tfsnboio.sys
0xA9E3C000 \SystemRoot\system32\dla\tfsncofs.sys
0xF7C23000 \SystemRoot\system32\dla\tfsndrct.sys
0xA9C1D000 \SystemRoot\system32\dla\tfsnudf.sys
0xA9C04000 \SystemRoot\system32\dla\tfsnudfa.sys
0xF78FD000 \SystemRoot\system32\DRIVERS\elagopro.sys
0xA9C56000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA99A7000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xF7B17000 \SystemRoot\System32\Drivers\ASCTRM.SYS
0xF7B23000 \SystemRoot\system32\DRIVERS\elaunidr.sys
0xA97AE000 \SystemRoot\System32\Drivers\HTTP.sys
0xA9706000 \SystemRoot\system32\DRIVERS\srv.sys
0xA9546000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xA8EF9000 \SystemRoot\system32\drivers\wdmaud.sys
0xA93DE000 \SystemRoot\system32\drivers\sysaudio.sys
0xF78AD000 \SystemRoot\system32\drivers\mfebopk.sys
0xA87D9000 \SystemRoot\system32\drivers\mfeavfk.sys
0xA85D1000 \SystemRoot\system32\drivers\mfesmfk.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 79):
0 System Idle Process
4 System
1608 C:\WINDOWS\system32\smss.exe
1660 csrss.exe
1684 C:\WINDOWS\system32\winlogon.exe
1736 C:\WINDOWS\system32\services.exe
1748 C:\WINDOWS\system32\lsass.exe
1952 C:\WINDOWS\system32\svchost.exe
2000 svchost.exe
316 C:\WINDOWS\system32\svchost.exe
568 svchost.exe
888 svchost.exe
1064 C:\WINDOWS\system32\WLTRYSVC.EXE
1084 C:\WINDOWS\system32\BCMWLTRY.EXE
1228 C:\WINDOWS\system32\BRSVC01A.EXE
1260 C:\WINDOWS\system32\BRSS01A.EXE
1256 C:\WINDOWS\system32\spoolsv.exe
1324 svchost.exe
1372 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
1408 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1436 C:\Program Files\Bonjour\mDNSResponder.exe
1452 C:\WINDOWS\ehome\ehrecvr.exe
1496 C:\WINDOWS\ehome\ehSched.exe
252 C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
304 C:\Program Files\Common Files\Motive\McciCMService.exe
456 C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
500 C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
696 C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
740 C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
944 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1016 C:\Program Files\McAfee\MPF\MpfSrv.exe
1464 C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
1568 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
1632 C:\WINDOWS\system32\PSIService.exe
1824 locator.exe
1960 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
2120 svchost.exe
2236 C:\WINDOWS\system32\svchost.exe
2412 C:\WINDOWS\system32\UStorSrv.exe
2936 C:\WINDOWS\system32\wuauclt.exe
2992 mcrdsvc.exe
3028 C:\WINDOWS\explorer.exe
548 C:\WINDOWS\system32\dllhost.exe
3220 alg.exe
3388 wmiprvse.exe
3828 C:\PROGRA~1\McAfee.com\Agent\mcagent.exe
2780 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
2872 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3620 C:\WINDOWS\stsystra.exe
3616 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
3884 C:\WINDOWS\system32\igfxpers.exe
3020 C:\WINDOWS\system32\hkcmd.exe
1740 C:\WINDOWS\ehome\ehtray.exe
3108 C:\WINDOWS\system32\igfxsrvc.exe
144 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
592 C:\WINDOWS\system32\dla\tfswctrl.exe
980 C:\WINDOWS\system32\msiexec.exe
2816 C:\Program Files\Dell\QuickSet\quickset.exe
3428 C:\WINDOWS\system32\WLTRAY.EXE
148 C:\WINDOWS\ehome\ehmsas.exe
2676 C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
3592 C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
1792 C:\Program Files\iTunes\iTunesHelper.exe
2668 C:\WINDOWS\system32\svchost.exe
1076 C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
4088 C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
3784 C:\Program Files\NetWaiting\netwaiting.exe
3024 C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
3996 C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
2108 C:\WINDOWS\system32\ctfmon.exe
2956 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
2692 C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
3516 C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
556 C:\Program Files\Digital Line Detect\DLG.exe
572 C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
964 C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
3796 C:\Program Files\iPod\bin\iPodService.exe
1928 wmiprvse.exe
3232 C:\Documents and Settings\Andre\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02f10c00 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000009`53198a00 (NTFS)

PhysicalDrive0 Model Number: HitachiHTS541060G9SA00, Rev: MB3OC60R

Size Device Name MBR Status
--------------------------------------------
54 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A


Done!
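
A triage sketch for the two MBRCheck reports posted in this thread, added here as an example and not part of the original posts or of MBRCheck itself: it parses each report, flags any disk whose MBR status line is not a recognised "... MBR code detected" line, and diffs the loaded kernel drivers between the two runs. The sample reports are abbreviated from this thread, and the status-matching rule is an assumption based only on the two status strings shown here.

```python
import re
from ntpath import basename  # Windows path handling that works on any OS

TOTAL_RE = re.compile(r"^Kernel Drivers \(total (\d+)\):")
DRIVER_RE = re.compile(r"^0x([0-9A-Fa-f]{8})\s+(\S.*)$")
DISK_RE = re.compile(r"^(\d+\s+[KMGT]B)\s+(\\\\\.\\PhysicalDrive\d+)\s+(.+)$")
SHA1_RE = re.compile(r"^SHA1:\s*([0-9A-Fa-f]{40})$")

# Abbreviated excerpts of the two reports in this thread (most driver lines cut).
BEFORE = r"""
Kernel Drivers (total 154):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0xF7460000 atapi.sys
0xA8BCC000 \SystemRoot\system32\drivers\aec.sys
0xA8BA1000 \SystemRoot\system32\drivers\kmixer.sys

Size Device Name MBR Status
--------------------------------------------
54 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 86489E3B39BA71CCD7428B67894DE6732DFFF0C8
"""

AFTER = r"""
Kernel Drivers (total 148):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0xF7460000 atapi.sys

Size Device Name MBR Status
--------------------------------------------
54 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
"""


def parse_report(text):
    """Extract the declared driver count, driver load addresses and disk rows."""
    report = {"declared_drivers": None, "drivers": {}, "disks": []}
    for raw in text.splitlines():
        line = raw.strip()
        m = TOTAL_RE.match(line)
        if m:
            report["declared_drivers"] = int(m.group(1))
            continue
        m = DRIVER_RE.match(line)
        if m:
            # Key on the lower-cased file name: paths appear with and without a prefix.
            report["drivers"][basename(m.group(2)).lower()] = int(m.group(1), 16)
            continue
        m = DISK_RE.match(line)
        if m:
            report["disks"].append({"size": m.group(1), "device": m.group(2),
                                    "status": m.group(3).strip(), "sha1": None})
            continue
        m = SHA1_RE.match(line)
        if m and report["disks"]:
            # The SHA1 line belongs to the disk row printed just above it.
            report["disks"][-1]["sha1"] = m.group(1).upper()
    return report


def mbr_flagged(status):
    """Assumed rule: anything other than '<OS> MBR code detected' needs review."""
    return not status.lower().endswith("mbr code detected")


def is_truncated(report):
    """True when the pasted driver list is shorter or longer than its header says."""
    return report["declared_drivers"] != len(report["drivers"])


def compare_reports(before, after):
    """Diff two parsed reports: driver set changes and per-disk MBR changes."""
    b, a = set(before["drivers"]), set(after["drivers"])
    after_disks = {d["device"]: d for d in after["disks"]}
    disks = []
    for d in before["disks"]:
        new = after_disks.get(d["device"])
        disks.append({
            "device": d["device"],
            "flagged_before": mbr_flagged(d["status"]),
            "flagged_after": mbr_flagged(new["status"]) if new else None,
            "changed": bool(new) and new["sha1"] != d["sha1"],
        })
    return {"drivers_gone": sorted(b - a), "drivers_new": sorted(a - b),
            "disks": disks}


if __name__ == "__main__":
    diff = compare_reports(parse_report(BEFORE), parse_report(AFTER))
    for disk in diff["disks"]:
        print(disk)
    print("drivers only in first report:", diff["drivers_gone"])
    print("drivers only in second report:", diff["drivers_new"])
```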
 
Looks good :)

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  1. Please, never rename Combofix unless instructed.
  2. Close any open browsers.
  3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts.
    • Please do not attempt to re-connect your machine to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
  4. Double click on combofix.exe & follow the prompts.
  5. When finished, it will produce a report for you.
  6. Please post the "C:\ComboFix.txt"
**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure you re-enable your security programs when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
 
Combofix log

ComboFix 10-10-18.03 - Andre 10/19/2010 6:52.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.377 [GMT -5:00]
Running from: c:\documents and settings\Andre\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Documents\Server\admin.txt
c:\documents and settings\All Users\Documents\Server\server.dat
c:\documents and settings\Andre\GoToAssistDownloadHelper.exe
c:\program files\Shared

Infected copy of c:\windows\system32\winlogon.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\winlogon.exe

Infected copy of c:\windows\explorer.exe was found and disinfected
Restored copy from - c:\windows\ServicePackFiles\i386\explorer.exe

.
((((((((((((((((((((((((( Files Created from 2010-09-19 to 2010-10-19 )))))))))))))))))))))))))))))))
.

2010-10-17 18:03 . 2010-02-17 21:52 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2010-10-17 18:03 . 2010-02-17 21:52 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-10-17 18:03 . 2010-02-17 21:52 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2010-10-17 18:03 . 2010-07-15 20:18 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2010-10-17 18:02 . 2010-10-17 18:03 -------- d-----w- c:\program files\Common Files\McAfee
2010-10-17 18:01 . 2010-10-18 23:51 -------- d-----w- c:\program files\McAfee
2010-10-17 18:00 . 2010-02-17 21:52 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2010-10-16 19:23 . 2010-10-16 19:23 -------- d-----w- c:\documents and settings\Andre\Application Data\Malwarebytes
2010-10-16 19:18 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-16 19:18 . 2010-10-16 19:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-16 19:18 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-16 19:18 . 2010-10-16 19:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-14 17:40 . 2010-09-18 06:53 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2010-10-14 17:40 . 2010-09-18 06:53 974848 ------w- c:\windows\system32\dllcache\mfc42.dll
2010-10-14 17:40 . 2010-09-18 06:53 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2010-10-14 17:40 . 2010-08-23 16:12 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2010-10-13 04:40 . 2010-10-13 04:40 -------- d-----w- c:\documents and settings\Andre\Local Settings\Application Data\Scansoft
2010-10-13 03:37 . 2010-10-13 03:37 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-10-12 01:29 . 2010-10-12 01:29 -------- d-----w- C:\QUARANTINE
2010-10-11 17:19 . 2002-04-12 05:00 57344 ----a-w- c:\windows\system32\BRSVC01A.EXE
2010-10-11 17:19 . 2001-12-13 05:01 45056 ----a-w- c:\windows\system32\BRSS01A.EXE
2010-10-11 17:15 . 2004-04-19 04:42 733184 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iKernel.dll
2010-10-11 17:15 . 2004-04-19 04:40 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2010-10-11 17:15 . 2004-04-19 04:39 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2010-10-11 17:15 . 2004-04-19 04:39 172032 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2010-10-11 17:15 . 2004-04-19 04:39 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe
2010-10-11 17:15 . 2010-10-11 17:15 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll
2010-10-11 17:15 . 2010-10-11 17:15 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll
2010-10-08 22:34 . 2010-10-08 22:34 -------- d-----r- c:\documents and settings\Andre\Application Data\Brother
2010-10-08 22:12 . 2001-08-17 18:53 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2010-10-08 22:12 . 2001-08-17 18:53 6784 ----a-w- c:\windows\system32\dllcache\serscan.sys
2010-10-08 22:09 . 2010-10-11 17:15 -------- d-----w- c:\program files\Brother
2010-10-08 22:09 . 2007-02-15 18:54 131072 ----a-w- c:\windows\brunin03.dll
2010-10-08 22:09 . 2010-10-08 22:09 -------- d-----w- c:\documents and settings\Andre\Application Data\InstallShield
2010-10-08 22:06 . 2010-10-08 22:06 -------- d-----w- c:\program files\Nuance
2010-10-08 22:03 . 2010-10-08 22:03 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2010-10-08 22:02 . 2010-10-08 22:05 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2010-10-08 22:02 . 2010-10-08 22:02 -------- d-----w- c:\program files\ScanSoft
2010-10-08 22:00 . 2010-10-08 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2010-10-01 22:33 . 2010-10-01 22:33 -------- d-----w- c:\documents and settings\Andre\Application Data\Jaran Nilsen
2010-10-01 22:33 . 2010-10-01 22:33 -------- d-----w- c:\program files\iTunes Agent

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ModemOnHold"="c:\program files\NetWaiting\netWaiting.exe" [2003-09-10 20480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-14 68856]
"EasyLinkAdvisor"="c:\program files\Linksys EasyLink Advisor\LinksysAgent.exe" [2007-03-16 454784]
"ComcastAntispyClient"="c:\program files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" [2009-08-19 1589208]
"Google Update"="c:\documents and settings\Andre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-06 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 282624]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-10 49152]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"QuickFinder Scheduler"="c:\program files\WordPerfect Office X3\Programs\QFSCHD130.EXE" [2007-01-03 83568]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-08-10 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-01 421160]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-10-12 29984]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-10-12 46368]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-08-31 328992]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-02-10 745472]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-10-30 77824]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-06-10 1218008]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe [2006-9-18 25214]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-9-11 24576]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2005-5-3 81920]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 07:08 483328 ----a-w- c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-09-01 13:32 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-08-10 10:15 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Nortel Networks\\Extranet.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Andre\\Application Data\\Juniper Networks\\Juniper Terminal Services Client\\dsTermServ.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Brother\\Brmfl07b\\FAXRX.exe"=
"c:\\Program Files\\Brother\\BRAdmin Light\\BRAdmLight.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"54925:UDP"= 54925:UDP:Brother Network Scanner

R2 AntiSpywareService;Comcast AntiSpyware;c:\program files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [6/17/2009 12:49 PM 616408]
R3 Eacfilt;Eacfilt Miniport;c:\windows\system32\drivers\eacfilt.sys [1/18/2008 11:26 AM 9161]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/5/2010 9:58 PM 135664]
S2 IPSECEXT;Nortel Extranet Access Protocol;c:\windows\system32\drivers\ipsecw2k.sys [1/18/2008 11:26 AM 114016]
.
Contents of the 'Scheduled Tasks' folder

2010-10-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:50]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 02:58]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-06 02:58]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006Core.job
- c:\documents and settings\Andre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-16 13:46]

2010-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006UA.job
- c:\documents and settings\Andre\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-16 13:46]

2010-10-17 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-10-17 17:22]

2010-10-17 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-10-17 17:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.comcast.net?cid=NET_mmhpset
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
DPF: {15E31F81-702C-48F8-97B1-75AE9155B5E3} - hxxps://remote.lw.com/TSWebCtl.CAB
DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www1.snapfish.com/SnapfishActivia3.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-McAfeeUpdaterUI - c:\program files\Network Associates\Common Framework\UpdaterUI.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
AddRemove-ComcastHSI - c:\program files\support.com\uninstall\chsi_uninstaller.exe
AddRemove-Imation Disk Manager V a Service - c:\docume~1\Andre\LOCALS~1\Temp\Imation Disk Manager V a.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb


.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1680)
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll

- - - - - - - > 'explorer.exe'(3696)
c:\windows\system32\WININET.dll
c:\program files\CA\PPRT\bin\CACheck.dll
c:\program files\CA\PPRT\bin\CAHook.dll
c:\program files\CA\PPRT\bin\CAServer.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\system32\brss01a.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\CA\PPRT\bin\ITMRTSVC.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
c:\program files\Dell\QuickSet\NICCONFIGSVC.exe
c:\windows\system32\PSIService.exe
c:\windows\system32\locator.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\windows\system32\UStorSrv.exe
c:\windows\ehome\mcrdsvc.exe
c:\progra~1\mcafee.com\agent\mcagent.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\msiexec.exe
c:\windows\stsystra.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\eHome\ehmsas.exe
c:\program files\Brother\ControlCenter3\brccMCtl.exe
c:\program files\Brother\Brmfcmon\BrMfimon.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-10-19 07:09:16 - machine was rebooted
ComboFix-quarantined-files.txt 2010-10-19 12:09

Pre-Run: 4,880,134,144 bytes free
Post-Run: 4,998,705,152 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - 28ED2675F7FE650283BA320791E62AB2
 
That looks much better :)

How is redirection?


Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed, and let it run uninterrupted.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL Log Part 1

OTL logfile created on: 10/19/2010 6:19:37 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Andre\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 275.00 Mb Available Physical Memory | 27.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 4.67 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive D: | 12.54 Gb Total Space | 12.47 Gb Free Space | 99.44% Space Free | Partition Type: NTFS

Computer Name: BUBBLE | User Name: Andre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/08/19 12:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/02/10 11:03:16 | 000,745,472 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 13:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/31 14:03:40 | 000,094,208 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007/11/09 20:51:40 | 000,540,672 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007/10/11 19:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
PRC - [2007/07/14 11:29:32 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/03/15 19:16:42 | 000,454,784 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.) -- C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/04/06 14:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 16:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) -- C:\WINDOWS\system32\UStorSrv.exe
PRC - [2005/06/10 10:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2003/10/29 02:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003/09/10 02:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe
PRC - [2001/12/13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE


========== Modules (SafeList) ==========

MOD - [2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 19:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/04/19 14:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2006/04/06 14:59:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2005/12/13 16:39:58 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto | Running] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Stopped] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Andre\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/07/15 15:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2010/02/17 16:52:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/01/26 17:13:41 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/01/26 17:13:39 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/22 13:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 13:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2006/09/11 23:57:15 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/03/24 16:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 11:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 12:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/14 08:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 08:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 08:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 09:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/21 20:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 20:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 20:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 01:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 09:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/05/01 00:16:52 | 000,114,016 | ---- | M] (Nortel Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECSHM)
DRV - [2002/05/01 00:16:52 | 000,114,016 | ---- | M] (Nortel Networks) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECEXT)
DRV - [2002/04/22 15:50:14 | 000,009,161 | R--- | M] (Nortel Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eacfilt.sys -- (Eacfilt)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060912
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060912

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net?cid=NET_mmhpset
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0



O1 HOSTS File: ([2010/10/19 07:02:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {15E31F81-702C-48F8-97B1-75AE9155B5E3} https://remote.lw.com/TSWebCtl.CAB (TSWebCtl.UCTSWeb)
O16 - DPF: {30439117-02CA-4FBA-ADAF-84C2D8E2004D} https://remote.lw.com/v3rdpchk.cab (v3 silent install)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} http://www1.snapfish.com/SnapfishActivia3.cab (Snapfish Activia3)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: MSACM.CTRXAUD - ctrxaud.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: VIDC.CTRX - ctrxvid.drv File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 90 Days ==========

File not found -- C:\Documents and Settings\Andre\Desktop\ComboFix.exe
[2010/10/19 18:18:09 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
[2010/10/19 06:50:25 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/19 06:46:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/19 06:46:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/19 06:46:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/19 06:46:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/19 06:46:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/19 06:46:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/18 20:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\NTBR_CD
[2010/10/17 13:03:49 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2010/10/17 13:03:49 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/10/17 13:03:48 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/10/17 13:03:42 | 000,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2010/10/17 13:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/10/17 13:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/10/17 13:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/10/17 13:00:32 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/10/16 14:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Malwarebytes
[2010/10/16 14:18:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/16 14:18:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/16 14:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/16 14:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/16 13:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\Comcast
[2010/10/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\Travel
[2010/10/12 23:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\Scansoft
[2010/10/12 23:38:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/12 22:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/10/11 20:29:43 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2010/10/11 17:10:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/10/11 12:19:47 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRSVC01A.EXE
[2010/10/11 12:19:47 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRSS01A.EXE
[2010/10/08 17:34:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andre\Application Data\Brother
[2010/10/08 17:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BrFaxRx
[2010/10/08 17:10:34 | 000,054,784 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010/10/08 17:10:12 | 000,094,208 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll
[2010/10/08 17:10:12 | 000,012,288 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll
[2010/10/08 17:10:12 | 000,012,288 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll
[2010/10/08 17:10:10 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BROSNMP.DLL
[2010/10/08 17:10:05 | 000,063,488 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrNetSti.dll
[2010/10/08 17:10:05 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\BrWiaNCp.dll
[2010/10/08 17:10:05 | 000,041,472 | ---- | C] (Brother Industries,Ltd) -- C:\WINDOWS\System32\Brnsplg.dll
[2010/10/08 17:10:03 | 001,397,248 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia07b.dll
[2010/10/08 17:10:03 | 000,094,208 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\BRRBTOOL.EXE
[2010/10/08 17:10:03 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BRLMW03A.DLL
[2010/10/08 17:10:03 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRLM03A.DLL
[2010/10/08 17:10:03 | 000,000,000 | ---D | C] -- C:\Brother
[2010/10/08 17:10:00 | 000,167,936 | ---- | C] (brother) -- C:\WINDOWS\System32\NSSearch.dll
[2010/10/08 17:10:00 | 000,126,976 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05a.dll
[2010/10/08 17:10:00 | 000,102,400 | ---- | C] (Brother Industries,LTD.) -- C:\WINDOWS\System32\BrMfNt.dll
[2010/10/08 17:10:00 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\WINDOWS\System32\BRCrypt.dll
[2010/10/08 17:09:59 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010/10/08 17:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/10/08 17:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\InstallShield
[2010/10/08 17:06:07 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010/10/08 17:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/10/08 17:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/10/08 17:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/10/08 17:02:38 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/08 17:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010/10/01 17:33:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Jaran Nilsen
[2010/10/01 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes Agent
[2010/09/10 17:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\support.com
[2010/09/05 22:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/05 22:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/05 22:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/05 22:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/05 22:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Mozilla
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\eMusic
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\eMusic
[2010/09/05 21:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\eMusic Download Manager
[2010/09/05 18:40:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Systweak
[2010/09/04 07:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Systweak
[2010/07/30 11:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\My Documents\Downloads
[2010/07/30 09:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/07/30 09:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast
[2010/07/30 09:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\CallingID
[2010/07/30 09:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2010/07/30 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/07/30 09:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\comcasttb
[2010/07/30 09:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2010/07/30 09:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\SupportSoft
[2010/07/30 09:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/07/30 09:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComcastUI

========== Files - Modified Within 90 Days ==========

[2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
[2010/10/19 18:05:00 | 000,007,343 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/10/19 07:06:48 | 000,464,252 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/19 07:06:48 | 000,081,214 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/19 07:04:12 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/10/19 07:02:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/19 07:02:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/19 07:02:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/19 07:01:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/19 07:01:48 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/19 06:50:36 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/10/18 21:01:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006UA.job
[2010/10/18 20:57:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/18 20:55:10 | 002,565,432 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\NTBR_CD.exe
[2010/10/18 20:01:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006Core.job
[2010/10/18 19:12:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\MBRCheck.exe
[2010/10/17 19:31:15 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/17 13:07:28 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/10/17 13:02:49 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/10/17 13:02:48 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/10/16 20:41:06 | 000,544,768 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\dds.scr
[2010/10/16 20:40:06 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\3zxt5rnq.exe
[2010/10/16 20:17:26 | 000,088,850 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Malware Preliminary Removal Instructions - TechSpot OpenBoards.pdf
[2010/10/16 16:54:45 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Google Chrome.lnk
[2010/10/16 16:54:45 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 14:18:32 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/16 13:12:49 | 000,295,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 22:00:05 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/14 17:39:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/12 22:04:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/11 12:19:48 | 000,000,184 | ---- | M] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/10/11 12:19:48 | 000,000,030 | ---- | M] () -- C:\WINDOWS\System32\brss01a.ini
[2010/10/11 12:19:47 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\bd7840w.dat
[2010/10/08 17:16:24 | 000,004,267 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/10/08 17:12:44 | 000,000,410 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/10/08 17:12:06 | 000,000,225 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010/10/08 17:12:06 | 000,000,093 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010/10/08 17:12:06 | 000,000,086 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini
[2010/10/04 19:57:44 | 001,068,203 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\sf2809.pdf
[2010/09/14 13:35:39 | 000,005,798 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/09/12 14:22:03 | 000,061,876 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/10 17:45:09 | 000,001,097 | ---- | M] () -- C:\net_save.dna
[2010/09/06 07:14:53 | 000,046,592 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Meenu Will.doc
[2010/09/06 07:13:44 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Mon Will.doc
[2010/08/11 19:25:05 | 002,002,478 | ---- | M] () -- C:\WINDOWS\iis6.BAK

========== Files Created - No Company Name ==========

[2010/10/19 06:50:36 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2010/10/19 06:50:28 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/19 06:46:40 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/19 06:46:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/19 06:46:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/19 06:46:40 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/19 06:46:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/18 20:55:05 | 002,565,432 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\NTBR_CD.exe
[2010/10/18 19:12:05 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\MBRCheck.exe
[2010/10/17 13:07:42 | 000,007,343 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2010/10/17 13:07:28 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/10/17 13:02:49 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/10/17 13:02:48 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/10/16 20:41:33 | 000,544,768 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\dds.scr
[2010/10/16 20:40:47 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\3zxt5rnq.exe
[2010/10/16 20:17:26 | 000,088,850 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\Malware Preliminary Removal Instructions - TechSpot OpenBoards.pdf
[2010/10/16 16:54:45 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\Google Chrome.lnk
[2010/10/16 16:54:45 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 16:51:25 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006UA.job
[2010/10/16 16:51:25 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006Core.job
[2010/10/16 14:18:32 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/11 12:19:48 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/10/11 12:19:48 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/10/08 17:12:44 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/10/08 17:12:06 | 000,000,225 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/10/08 17:12:06 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/10/08 17:12:06 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7840w.dat
[2010/10/08 17:10:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/10/08 17:10:03 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/10/08 17:10:02 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.BMP
[2010/10/08 17:10:01 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/10/08 17:10:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/10/08 17:10:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/10/08 17:05:17 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/10/04 19:57:42 | 001,068,203 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\sf2809.pdf
[2010/09/12 14:22:03 | 000,061,876 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/10 17:45:09 | 000,001,097 | ---- | C] () -- C:\net_save.dna
[2010/09/05 22:17:01 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/11 14:43:49 | 000,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/11/18 10:50:37 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\PFP100JPR.{PB
[2009/11/18 10:50:37 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\PFP100JCM.{PB
[2008/05/11 22:05:03 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2008/05/10 09:51:29 | 000,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/05/10 09:51:29 | 000,000,168 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\80936C0B21.sys
[2008/01/18 12:25:36 | 000,000,032 | ---- | C] () -- C:\WINDOWS\concentr.ini
[2007/05/13 21:45:31 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Andre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-
 
OTL Part 2

OTL Part 1 of 2

OTL logfile created on: 10/19/2010 6:19:37 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Andre\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 275.00 Mb Available Physical Memory | 27.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 4.67 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive D: | 12.54 Gb Total Space | 12.47 Gb Free Space | 99.44% Space Free | Partition Type: NTFS

Computer Name: BUBBLE | User Name: Andre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Processes (SafeList) ==========

PRC - [2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/06/10 06:58:32 | 001,218,008 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/08/19 12:25:52 | 001,589,208 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpy.exe
PRC - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2009/02/10 11:03:16 | 000,745,472 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
PRC - [2008/04/24 13:25:22 | 000,202,560 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe
PRC - [2008/04/23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/01/31 14:03:40 | 000,094,208 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
PRC - [2007/11/09 20:51:40 | 000,540,672 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2007/10/11 19:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
PRC - [2007/07/14 11:29:32 | 000,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2007/03/15 19:16:42 | 000,454,784 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.) -- C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2006/04/06 14:58:52 | 001,032,192 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/24 16:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) -- C:\WINDOWS\system32\UStorSrv.exe
PRC - [2005/06/10 10:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2003/10/29 02:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003/09/10 02:24:00 | 000,020,480 | ---- | M] () -- C:\Program Files\NetWaiting\netwaiting.exe
PRC - [2001/12/13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE


========== Modules (SafeList) ==========

MOD - [2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
MOD - [2010/08/23 11:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2008/04/13 19:12:01 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 19:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2007/04/19 14:21:40 | 000,116,264 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Comcast\Desktop Doctor\bin\sprthook.dll
MOD - [2006/04/06 14:59:08 | 000,073,728 | ---- | M] () -- C:\Program Files\Dell\QuickSet\dadkeyb.dll
MOD - [2005/12/13 16:39:58 | 000,073,728 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/06/10 06:58:32 | 000,865,832 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2010/02/24 13:16:08 | 000,365,072 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/02/17 16:52:00 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2010/02/17 15:53:26 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/10/27 11:19:46 | 000,895,696 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/07/08 11:54:34 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2009/07/07 19:10:02 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/06/17 12:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/04/24 13:26:18 | 000,202,560 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe -- (sprtsvc_ddoctorv2) SupportSoft Sprocket Service (ddoctorv2)
SRV - [2007/09/26 13:55:04 | 000,283,912 | ---- | M] (CA, Inc.) [Auto | Running] -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2006/04/06 14:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2006/02/17 06:19:55 | 000,139,264 | ---- | M] (OTi) [Auto | Running] -- C:\WINDOWS\System32\UStorSrv.exe -- (UStorage Server Service)
SRV - [2002/04/12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Stopped] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DDMI2.sys -- (SDDMI2)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Andre\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2010/07/15 15:18:22 | 000,120,136 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Mpfp.sys -- (MPFP)
DRV - [2010/02/17 16:52:48 | 000,214,664 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2010/02/17 16:52:48 | 000,079,816 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:48 | 000,035,272 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/01/26 17:13:41 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/01/26 17:13:39 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/04/13 13:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 13:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2008/04/13 12:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/03/22 13:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 13:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2006/09/11 23:57:15 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/03/24 16:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2006/03/08 11:35:10 | 000,191,872 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2005/11/02 12:24:34 | 000,424,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/10/14 08:40:18 | 000,307,968 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/10/14 08:40:18 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/10/14 08:40:18 | 000,028,544 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 09:32:16 | 000,045,312 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/21 20:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/21 20:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/21 20:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/06 01:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 01:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 01:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 01:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 01:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 01:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 01:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 01:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 01:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 03:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 02:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/08/03 22:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/07/14 11:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 11:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/02/13 09:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/05/01 00:16:52 | 000,114,016 | ---- | M] (Nortel Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECSHM)
DRV - [2002/05/01 00:16:52 | 000,114,016 | ---- | M] (Nortel Networks) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ipsecw2k.sys -- (IPSECEXT)
DRV - [2002/04/22 15:50:14 | 000,009,161 | R--- | M] (Nortel Networks) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\eacfilt.sys -- (Eacfilt)
DRV - [2001/08/17 14:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 14:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 14:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 14:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 14:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 13:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 13:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 13:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 13:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 13:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 13:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 13:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 13:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 13:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 13:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060912
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5060912

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net?cid=NET_mmhpset
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0



O1 HOSTS File: ([2010/10/19 07:02:36 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Comcast Toolbar) - {79CEEA4E-C231-4614-9E3B-53B2A02F39B7} - C:\Program Files\comcasttb\comcastdx.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ddoctorv2] C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [QuickFinder Scheduler] C:\Program Files\WordPerfect Office X3\Programs\QFSCHD130.EXE (Corel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [ComcastAntispyClient] C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netwaiting.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-0000-BA7E-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to existing PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Open with WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {15E31F81-702C-48F8-97B1-75AE9155B5E3} https://remote.lw.com/TSWebCtl.CAB (TSWebCtl.UCTSWeb)
O16 - DPF: {30439117-02CA-4FBA-ADAF-84C2D8E2004D} https://remote.lw.com/v3rdpchk.cab (v3 silent install)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} http://www1.snapfish.com/SnapfishActivia3.cab (Snapfish Activia3)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.72.134 68.87.77.134
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Andre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andre\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/08/16 04:43:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

Drivers32: MSACM.CTRXAUD - ctrxaud.acm File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: VIDC.CTRX - ctrxvid.drv File not found
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.dvsd - C:\WINDOWS\System32\mcdvd_32.dll (MainConcept)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)

========== Files/Folders - Created Within 90 Days ==========

File not found -- C:\Documents and Settings\Andre\Desktop\ComboFix.exe
[2010/10/19 18:18:09 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
[2010/10/19 06:50:25 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/10/19 06:46:40 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/10/19 06:46:40 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/10/19 06:46:40 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/10/19 06:46:40 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/10/19 06:46:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/10/19 06:46:08 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/10/18 20:57:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\NTBR_CD
[2010/10/17 13:03:49 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfesmfk.sys
[2010/10/17 13:03:49 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfebopk.sys
[2010/10/17 13:03:48 | 000,079,816 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mfeavfk.sys
[2010/10/17 13:03:42 | 000,120,136 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\Mpfp.sys
[2010/10/17 13:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2010/10/17 13:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee.com
[2010/10/17 13:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee
[2010/10/17 13:00:32 | 000,034,248 | ---- | C] (McAfee, Inc.) -- C:\WINDOWS\System32\drivers\mferkdk.sys
[2010/10/16 14:23:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Malwarebytes
[2010/10/16 14:18:28 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/10/16 14:18:26 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/10/16 14:18:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/10/16 14:18:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/10/16 13:54:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\Comcast
[2010/10/16 13:47:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Desktop\Travel
[2010/10/12 23:40:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\Scansoft
[2010/10/12 23:38:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010/10/12 22:37:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/10/11 20:29:43 | 000,000,000 | ---D | C] -- C:\QUARANTINE
[2010/10/11 17:10:48 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Documents\Server
[2010/10/11 12:19:47 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRSVC01A.EXE
[2010/10/11 12:19:47 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRSS01A.EXE
[2010/10/08 17:34:45 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Andre\Application Data\Brother
[2010/10/08 17:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\BrFaxRx
[2010/10/08 17:10:34 | 000,054,784 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010/10/08 17:10:12 | 000,094,208 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2.dll
[2010/10/08 17:10:12 | 000,012,288 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2S.dll
[2010/10/08 17:10:12 | 000,012,288 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\BrDctF2L.dll
[2010/10/08 17:10:10 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BROSNMP.DLL
[2010/10/08 17:10:05 | 000,063,488 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrNetSti.dll
[2010/10/08 17:10:05 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\BrWiaNCp.dll
[2010/10/08 17:10:05 | 000,041,472 | ---- | C] (Brother Industries,Ltd) -- C:\WINDOWS\System32\Brnsplg.dll
[2010/10/08 17:10:03 | 001,397,248 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia07b.dll
[2010/10/08 17:10:03 | 000,094,208 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\BRRBTOOL.EXE
[2010/10/08 17:10:03 | 000,077,824 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BRLMW03A.DLL
[2010/10/08 17:10:03 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\BRLM03A.DLL
[2010/10/08 17:10:03 | 000,000,000 | ---D | C] -- C:\Brother
[2010/10/08 17:10:00 | 000,167,936 | ---- | C] (brother) -- C:\WINDOWS\System32\NSSearch.dll
[2010/10/08 17:10:00 | 000,126,976 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrfxD05a.dll
[2010/10/08 17:10:00 | 000,102,400 | ---- | C] (Brother Industries,LTD.) -- C:\WINDOWS\System32\BrMfNt.dll
[2010/10/08 17:10:00 | 000,073,728 | ---- | C] (Brother Industories Ltd. P&S Company) -- C:\WINDOWS\System32\BRCrypt.dll
[2010/10/08 17:09:59 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010/10/08 17:09:59 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010/10/08 17:09:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\InstallShield
[2010/10/08 17:06:07 | 000,000,000 | ---D | C] -- C:\Program Files\Nuance
[2010/10/08 17:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ScanSoft Shared
[2010/10/08 17:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\ScanSoft
[2010/10/08 17:02:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/10/08 17:02:38 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010/10/08 17:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010/10/01 17:33:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Jaran Nilsen
[2010/10/01 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes Agent
[2010/09/10 17:44:44 | 000,000,000 | ---D | C] -- C:\Program Files\support.com
[2010/09/05 22:15:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/09/05 22:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/09/05 22:15:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/09/05 22:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/09/05 22:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Mozilla
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\eMusic
[2010/09/05 21:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\eMusic
[2010/09/05 21:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\eMusic Download Manager
[2010/09/05 18:40:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Systweak
[2010/09/04 07:41:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\Systweak
[2010/07/30 11:55:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\My Documents\Downloads
[2010/07/30 09:54:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/07/30 09:53:45 | 000,000,000 | ---D | C] -- C:\Program Files\Comcast
[2010/07/30 09:53:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\CallingID
[2010/07/30 09:53:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\scanner
[2010/07/30 09:53:21 | 000,000,000 | ---D | C] -- C:\Program Files\CA
[2010/07/30 09:52:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Application Data\comcasttb
[2010/07/30 09:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\comcasttb
[2010/07/30 09:50:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andre\Local Settings\Application Data\SupportSoft
[2010/07/30 09:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SupportSoft
[2010/07/30 09:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\ComcastUI

========== Files - Modified Within 90 Days ==========
 
OTL Part 2

OTL Part 2 of 2

[2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe
[2010/10/19 18:05:00 | 000,007,343 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2010/10/19 07:06:48 | 000,464,252 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/19 07:06:48 | 000,081,214 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/19 07:04:12 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
[2010/10/19 07:02:36 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/10/19 07:02:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/10/19 07:02:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/10/19 07:01:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/10/19 07:01:48 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/19 06:50:36 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2010/10/18 21:01:00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006UA.job
[2010/10/18 20:57:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/10/18 20:55:10 | 002,565,432 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\NTBR_CD.exe
[2010/10/18 20:01:00 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006Core.job
[2010/10/18 19:12:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\MBRCheck.exe
[2010/10/17 19:31:15 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/10/17 13:07:28 | 000,000,671 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/10/17 13:02:49 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/10/17 13:02:48 | 000,000,332 | ---- | M] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/10/16 20:41:06 | 000,544,768 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\dds.scr
[2010/10/16 20:40:06 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\3zxt5rnq.exe
[2010/10/16 20:17:26 | 000,088,850 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Malware Preliminary Removal Instructions - TechSpot OpenBoards.pdf
[2010/10/16 16:54:45 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Google Chrome.lnk
[2010/10/16 16:54:45 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 14:18:32 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/16 13:12:49 | 000,295,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/10/14 22:00:05 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/14 17:39:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/12 22:04:58 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010/10/11 12:19:48 | 000,000,184 | ---- | M] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/10/11 12:19:48 | 000,000,030 | ---- | M] () -- C:\WINDOWS\System32\brss01a.ini
[2010/10/11 12:19:47 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\bd7840w.dat
[2010/10/08 17:16:24 | 000,004,267 | ---- | M] () -- C:\WINDOWS\System32\LexFiles.ulf
[2010/10/08 17:12:44 | 000,000,410 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010/10/08 17:12:06 | 000,000,225 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010/10/08 17:12:06 | 000,000,093 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010/10/08 17:12:06 | 000,000,086 | ---- | M] () -- C:\WINDOWS\Brfaxrx.ini
[2010/10/04 19:57:44 | 001,068,203 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\sf2809.pdf
[2010/09/14 13:35:39 | 000,005,798 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/09/12 14:22:03 | 000,061,876 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/10 17:45:09 | 000,001,097 | ---- | M] () -- C:\net_save.dna
[2010/09/06 07:14:53 | 000,046,592 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Meenu Will.doc
[2010/09/06 07:13:44 | 000,047,104 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\Mon Will.doc
[2010/08/11 19:25:05 | 002,002,478 | ---- | M] () -- C:\WINDOWS\iis6.BAK

========== Files Created - No Company Name ==========

[2010/10/19 06:50:36 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2010/10/19 06:50:28 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2010/10/19 06:46:40 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/10/19 06:46:40 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/10/19 06:46:40 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/10/19 06:46:40 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/10/19 06:46:40 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/10/18 20:55:05 | 002,565,432 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\NTBR_CD.exe
[2010/10/18 19:12:05 | 000,080,384 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\MBRCheck.exe
[2010/10/17 13:07:42 | 000,007,343 | ---- | C] () -- C:\WINDOWS\System32\Config.MPF
[2010/10/17 13:07:28 | 000,000,671 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\McAfee Security Center.lnk
[2010/10/17 13:02:49 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\McDefragTask.job
[2010/10/17 13:02:48 | 000,000,332 | ---- | C] () -- C:\WINDOWS\tasks\McQcTask.job
[2010/10/16 20:41:33 | 000,544,768 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\dds.scr
[2010/10/16 20:40:47 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\3zxt5rnq.exe
[2010/10/16 20:17:26 | 000,088,850 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\Malware Preliminary Removal Instructions - TechSpot OpenBoards.pdf
[2010/10/16 16:54:45 | 000,002,284 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\Google Chrome.lnk
[2010/10/16 16:54:45 | 000,002,262 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/16 16:51:25 | 000,000,978 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006UA.job
[2010/10/16 16:51:25 | 000,000,926 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1960889908-3448697875-2486020462-1006Core.job
[2010/10/16 14:18:32 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/10/11 12:19:48 | 000,000,184 | ---- | C] () -- C:\WINDOWS\System32\brsvc01a.bsi
[2010/10/11 12:19:48 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2010/10/08 17:12:44 | 000,000,410 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010/10/08 17:12:06 | 000,000,225 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010/10/08 17:12:06 | 000,000,093 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010/10/08 17:12:06 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\bd7840w.dat
[2010/10/08 17:10:03 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\BRTCPCON.DLL
[2010/10/08 17:10:03 | 000,000,114 | ---- | C] () -- C:\WINDOWS\System32\BRLMW03A.INI
[2010/10/08 17:10:02 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.BMP
[2010/10/08 17:10:01 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2010/10/08 17:10:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010/10/08 17:10:00 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2010/10/08 17:05:17 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2010/10/04 19:57:42 | 001,068,203 | ---- | C] () -- C:\Documents and Settings\Andre\Desktop\sf2809.pdf
[2010/09/12 14:22:03 | 000,061,876 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/09/10 17:45:09 | 000,001,097 | ---- | C] () -- C:\net_save.dna
[2010/09/05 22:17:01 | 000,002,137 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/04/11 14:43:49 | 000,126,464 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2009/11/18 10:50:37 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\PFP100JPR.{PB
[2009/11/18 10:50:37 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Andre\Application Data\PFP100JCM.{PB
[2008/05/11 22:05:03 | 000,139,264 | ---- | C] () -- C:\WINDOWS\System32\OPDSL.DLL
[2008/05/10 09:51:29 | 000,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys
[2008/05/10 09:51:29 | 000,000,168 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\80936C0B21.sys
[2008/01/18 12:25:36 | 000,000,032 | ---- | C] () -- C:\WINDOWS\concentr.ini
[2007/05/13 21:45:31 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Andre\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/06 00:35:52 | 000,001,755 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2006/10/07 12:23:42 | 000,005,798 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006/10/07 12:23:42 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\3DF8CD3E3D.sys
[2006/10/05 20:04:07 | 000,000,113 | ---- | C] () -- C:\WINDOWS\webica.ini
[2006/09/23 07:57:02 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/09/18 18:41:06 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Andre\Local Settings\Application Data\fusioncache.dat
[2006/09/12 00:20:01 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/12 00:11:42 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/09/12 00:00:54 | 000,712,704 | ---- | C] () -- C:\WINDOWS\System32\DellSystemRestore.dll
[2006/09/11 23:57:47 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2006/09/11 23:53:48 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2006/09/11 23:24:02 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll
[2006/09/11 23:23:50 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\preflib.dll
[2006/09/11 23:23:46 | 000,757,760 | ---- | C] () -- C:\WINDOWS\System32\bcm1xsup.dll
[2006/09/11 23:22:21 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/08/16 04:37:24 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/08/16 04:33:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/08/05 14:01:54 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/04/09 10:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/05/24 19:48:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Borland
[2005/08/16 20:54:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/06/14 19:06:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2010/10/08 17:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2010/07/30 09:54:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/09/05 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Systweak
[2006/09/11 23:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/09/05 22:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/30 10:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\CallingID
[2010/07/30 09:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\comcasttb
[2010/09/13 12:14:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\eMusic
[2008/01/18 12:25:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\ICAClient
[2010/10/01 17:33:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Jaran Nilsen
[2010/06/14 20:05:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Juniper Networks
[2006/12/29 14:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Snapfish
[2010/09/05 22:30:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Systweak
[2007/10/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Viewpoint
[2010/04/11 15:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\WinAVI
[2010/10/17 13:02:49 | 000,000,340 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2010/10/17 13:02:48 | 000,000,332 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2005/08/16 04:43:04 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2007/01/28 21:47:37 | 000,000,209 | ---- | M] () -- C:\Boot.bak
[2010/10/19 06:50:36 | 000,000,325 | RHS- | M] () -- C:\boot.ini
[2004/08/03 23:00:00 | 000,260,272 | RHS- | M] () -- C:\cmldr
[2010/10/19 07:09:18 | 000,018,007 | ---- | M] () -- C:\ComboFix.txt
[2008/01/18 12:25:12 | 000,000,000 | ---- | M] () -- C:\COMLOG.txt
[2005/08/16 04:43:04 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2009/01/13 20:11:35 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2006/09/11 23:30:38 | 000,006,587 | RH-- | M] () -- C:\dell.sdr
[2010/10/08 17:16:19 | 000,051,104 | ---- | M] () -- C:\dlcc.log
[2010/10/08 17:16:20 | 000,703,959 | ---- | M] () -- C:\dlccscan.log
[2010/10/19 07:01:48 | 1063,714,816 | -HS- | M] () -- C:\hiberfil.sys
[2006/09/23 08:28:15 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2005/08/16 04:43:04 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2006/09/11 23:57:33 | 000,000,827 | -H-- | M] () -- C:\IPH.PH
[2005/08/16 04:43:04 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2010/09/10 17:45:09 | 000,001,097 | ---- | M] () -- C:\net_save.dna
[2004/08/10 05:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2009/01/18 22:07:25 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2009/10/04 14:14:37 | 000,004,120 | -H-- | M] () -- C:\os651826.bin
[2010/10/19 07:01:46 | 1598,029,824 | -HS- | M] () -- C:\pagefile.sys
[2006/09/11 23:57:43 | 000,000,071 | ---- | M] () -- C:\SystemInfo.ini
[2010/10/16 13:33:27 | 000,052,594 | ---- | M] () -- C:\TDSSKiller.2.4.4.0_16.10.2010_13.29.16_log.txt
[2009/04/21 11:18:34 | 000,000,028 | ---- | M] () -- C:\WFCNAME.INI

< %systemroot%\Fonts\*.com >
[2006/04/18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2006/06/29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2006/04/18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2006/06/29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2005/08/16 04:42:12 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2008/07/06 07:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
[2007/04/09 14:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
[2008/07/06 05:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2005/08/16 04:27:08 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2005/08/16 04:27:08 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2005/08/16 04:27:08 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2005/06/09 11:33:42 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\3 Months Free NetZero.exe
[2009/01/18 22:15:29 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/09/18 18:41:23 | 000,000,170 | -HS- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2005/08/16 04:50:28 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Andre\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2010/10/16 20:40:06 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\3zxt5rnq.exe
[2010/10/18 19:12:05 | 000,080,384 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\MBRCheck.exe
[2010/10/18 20:55:10 | 002,565,432 | ---- | M] () -- C:\Documents and Settings\Andre\Desktop\NTBR_CD.exe
[2010/10/19 18:18:11 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andre\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2004/08/10 05:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2006/09/18 18:41:22 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Andre\Favorites\Desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >
[2008/06/04 20:46:30 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Andre\Cookies\desktop.ini
[2010/10/19 18:16:30 | 001,146,880 | ---- | M] () -- C:\Documents and Settings\Andre\Cookies\index.dat

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >
[2004/08/10 05:00:00 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >
[2008/04/13 19:11:51 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\custsat.dll
[2004/08/04 01:06:34 | 000,004,821 | ---- | M] () -- C:\Program Files\Messenger\logowin.gif
[2004/08/04 01:06:34 | 000,007,047 | ---- | M] () -- C:\Program Files\Messenger\lvback.gif
[2008/05/02 09:01:49 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgsc.dll
[2008/04/13 12:30:28 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msgslang.dll
[2008/04/13 19:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
[2004/08/04 01:06:36 | 000,002,882 | ---- | M] () -- C:\Program Files\Messenger\newalert.wav
[2004/08/04 01:06:36 | 000,006,156 | ---- | M] () -- C:\Program Files\Messenger\newemail.wav
[2004/08/04 01:06:36 | 000,006,160 | ---- | M] () -- C:\Program Files\Messenger\online.wav
[2004/08/04 01:06:36 | 000,004,454 | ---- | M] () -- C:\Program Files\Messenger\type.wav
[2004/08/04 01:06:36 | 000,115,981 | ---- | M] () -- C:\Program Files\Messenger\xpmsgr.chm

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


< End of report >
 
Extras Log

OTL Extras logfile created on: 10/19/2010 6:19:37 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Documents and Settings\Andre\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1,014.00 Mb Total Physical Memory | 275.00 Mb Available Physical Memory | 27.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 4.67 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive D: | 12.54 Gb Total Space | 12.47 Gb Free Space | 99.44% Space Free | Partition Type: NTFS

Computer Name: BUBBLE | User Name: Andre | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"54925:UDP" = 54925:UDP:*:Enabled:Brother Network Scanner

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Nortel Networks\Extranet.exe" = C:\Program Files\Nortel Networks\Extranet.exe:*:Enabled:Contivity VPN Client -- (Nortel Networks NA, Inc.)
"C:\Documents and Settings\Andre\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Documents and Settings\Andre\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client -- (Juniper Networks)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Brother\Brmfl07b\FAXRX.exe" = C:\Program Files\Brother\Brmfl07b\FAXRX.exe:*:Enabled:FAXRX.EXE -- (Brother Industries Ltd.)
"C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe" = C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe:*:Enabled:BRAdmin Light -- (Brother Industries, Ltd.)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{83FBD495-DDF6-4C8D-92D6-10261DD6F6A3}" = WordPerfect Office X3
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DF03ECE-6AF4-414E-B118-C316F151A9A2}" = Corel WordPerfect Office - iFilter
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}" = Citrix XenApp Plugin for Hosted Apps
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4192EAC0-6B36-4723-B216-D0E86E7757AC}" = Jasc Paint Shop Photo Album 5
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{46E1B1F2-A279-4356-9B17-029F9CC72EAE}" = Brother MFL-Pro Suite
"{52D56C42-8C69-4882-A661-39695537C9CF}" = DellConnect
"{548EEA8E-8299-497F-8057-811D2D7097DC}" = Dell Support 3.1
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.7
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78C496B9-5A6B-4692-8C2E-AFFFC34E4961}" = Jasc Paint Shop Pro Studio, Dell Editon
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{83FBD495-DDF6-4C8D-92D6-10261DD6F6A3}" = WordPerfect Office X3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-1033-0000-BA7E-100000000002}" = Adobe Acrobat 7.0 Standard
"{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{CF21CDC3-DA17-4724-AC3B-27A51F1B5AC8}" = Internet Dialer
"{D87149B3-7A1D-4548-9CBF-032B791E5908}" = Desktop Doctor
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.12
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E1C7EF5E-3A7B-4ED4-A48B-F70F1B36EAB4}" = Corel Paint Shop Pro Photo XI
"{E42BD75A-FC23-4E3F-9F91-2658334C644F}" = Internet Service Offers Launcher
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EF964A78-078C-11D1-B7A7-0000C0134CE6}" = Nortel Networks Contivity VPN Client
"{F05A5232-CE5E-4274-AB27-44EB8105898D}" = CA Pest Patrol Realtime Protection
"{F73E7B59-F951-11D4-884D-00902761A46D}" = WordPerfect Office 2002 Professional
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"Accessories" = Citrix ICA Client ( Accessories )
"Adobe Acrobat 7.0 Standard - V" = Adobe Acrobat 7.1.0 Standard
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"ATT-PRT22" = ATT-PRT22
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"Citrix ICA Client" = Citrix ICA Client
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"comcasttb" = Comcast Toolbar 3.0
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell_ENA" = 3300 Software Uninstall
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0032)
"EmeraldQFE2" = Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
"ESPNMotion" = ESPNMotion
"GTRemote Client" = DellConnect
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"LiveUpdate" = LiveUpdate 2.6 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSC" = McAfee SecurityCenter
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"RealPlayer 6.0" = RealPlayer Basic
"ScrewDrivers Client v3" = ScrewDrivers Client v3
"SearchAssist" = SearchAssist
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"v3 RDP Only Web Push (nstl chk)" = v3 RDP Only Web Push (nstl chk)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"iTunes Agent 1.3.3" = iTunes Agent 1.3.3
"Juniper_Term_Services" = Juniper Terminal Services Client
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/19/2010 7:35:32 AM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 31580078

Error - 10/19/2010 8:45:39 AM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/19/2010 8:45:39 AM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15578

Error - 10/19/2010 8:45:39 AM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15578

Error - 10/19/2010 7:04:20 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/19/2010 7:04:20 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 37136797

Error - 10/19/2010 7:04:20 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 37136797

Error - 10/19/2010 7:04:36 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 10/19/2010 7:04:36 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 37152500

Error - 10/19/2010 7:04:36 PM | Computer Name = BUBBLE | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 37152500

[ System Events ]
Error - 10/16/2010 9:04:26 PM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 10/16/2010 9:04:26 PM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7034
Description = The Comcast AntiSpyware service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/16/2010 9:04:27 PM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7034
Description = The Bonjour Service service terminated unexpectedly. It has done
this 1 time(s).

Error - 10/16/2010 9:04:27 PM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7034
Description = The CA Pest Patrol Realtime Protection Service service terminated
unexpectedly. It has done this 1 time(s).

Error - 10/16/2010 9:04:27 PM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7034
Description = The McciCMService service terminated unexpectedly. It has done this
1 time(s).

Error - 10/18/2010 7:51:35 PM | Computer Name = BUBBLE | Source = W32Time | ID = 39452689
Description = Time Provider NtpClient: An error occurred during DNS lookup of the
manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup
again in 15 minutes. The error was: A socket operation was attempted to an unreachable
host. (0x80072751)

Error - 10/18/2010 7:51:35 PM | Computer Name = BUBBLE | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 14 minutes. NtpClient has no source of accurate
time.

Error - 10/19/2010 7:45:56 AM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7031
Description = The McAfee Real-time Scanner service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.

Error - 10/19/2010 7:52:41 AM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7034
Description = The Dell Wireless WLAN Tray Service service terminated unexpectedly.
It has done this 1 time(s).

Error - 10/19/2010 8:08:09 AM | Computer Name = BUBBLE | Source = Service Control Manager | ID = 7016
Description = The BrSplService service has reported an invalid current state 0.


< End of report >
 
Redirects

Whoops. Overlooked that one. I ran a few searches and they worked out fine without any redirects. Does that mean it's dead?!
 
You're running low on C drive free space:
Drive C: | 37.24 Gb Total Space | 4.67 Gb Free Space | 12.53% Space Free

=========================================================================

Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder.
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

=======================================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code:
    :OTL
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    [2008/05/10 09:51:29 | 000,000,168 | RHS- | C] () -- C:\Documents and Settings\All Users\Application Data\80936C0B21.sys
    [2006/09/11 23:57:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
    [2007/10/14 18:56:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andre\Application Data\Viewpoint
    
    
    :Services
    
    :Reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
    "DisableMonitoring" =-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
    "DisableMonitoring" =-
    
    :Files
    
    :Commands
    [purity]
    [emptytemp]
    [emptyflash]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

=====================================================================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart the computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE: If ESET doesn't find any threats, it won't produce any log.
 