Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Fakealert in registry


  • This topic is locked This topic is locked
37 replies to this topic

#1 tenno

tenno

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 16 December 2008 - 07:36 PM

I've had Garmanma try to solve this problem now I'm onto the next level of help.

Topic referenced is here: http://www.bleepingcomputer.com/forums/t/183954/trojan-and-who-know-what/ ~ OB

The virus seems to be keepng my modem running at full speed so my desktop computer is running slow and I keep getting pop - ups and time -outs.

I coudn't rum Kaspersky because it would time-out on the download.

I've run MBAM many times along with SDfix and spybot with no luck. It seems to come back after each restart.

Logfile of random's system information tool 1.04 (written by random/random)
Run by Tim at 2008-12-16 16:10:28
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (25%) free of 76 GB
Total RAM: 1023 MB (41% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{22A4E02E-ADFB-4BE8-BCBB-E04B6B683690}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-03 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-03 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-03 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar4.dll [2007-01-19 2403392]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
{D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-05-15 352256]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinFaxAppPortStarter"=C:\WINDOWS\system32\wfxsnt40.exe [2001-08-08 43520]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2003-02-28 151597]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2002-09-10 46592]
"HydarVisionDesktopManager"= []
"Cmaudio"=RunDll32 cmicnfg.cpl []
"Camera Detector"=C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE [2003-06-17 208896]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2005-03-17 57393]
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2005-03-17 40960]
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2006-06-28 622592]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-03 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-12-11 267048]
"Zune Launcher"=c:\Program Files\Zune\ZuneLauncher.exe [2008-09-12 160160]
"TEPA.exe"=C:\Program Files\TELUS\eProtect Advisor\TEPA.exe [2007-05-14 2061816]
"TELUS eProtect"=C:\Program Files\TELUS\TELUS eProtect\Rps.exe [2007-09-13 310000]
"-FreedomNeedsReboot"=C:\Program Files\TELUS\TELUS eProtect\ZkRunOnceR.exe [2007-09-13 13552]
"TELUS_McciTrayApp"=C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe [2008-02-25 1468256]
"Motive SmartBridge"=C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe [2008-10-24 393216]
"brastk"=brastk.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"=C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe [2007-09-13 61168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ATI Launchpad"= []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-07 68856]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"=C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe [2007-09-13 61168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2002-08-27 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-06-29 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2007-12-11 286720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Creating Keepsakes Scrapbook Designer Event Reminder.lnk]
C:\Program Files\Scrapbook Designer\scrapremind.exe [2005-01-11 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2004-08-11 757760]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
TELUS eCare.lnk - C:\Program Files\TELUS eCare\bin\matcli.exe

C:\Documents and Settings\Tim\Start Menu\Programs\Startup
Nikon Monitor.lnk - C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\System32\deimg40132.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\3c24e201509]
C:\WINDOWS\System32\deimg40132.dll [2008-11-28 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 702768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\__c00B5732]
C:\WINDOWS\system32\__c00B5732.dat [2008-12-16 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SYMTDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe"="C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"
"C:\Program Files\America's Army\System\ArmyOps.exe"="C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\Program Files\Grisoft\AVG Free\avginet.exe"="C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG Free\avgcc.exe"="C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG Free\avgamsvr.exe"="C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\StubInstaller.exe"="C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\Documents and Settings\Timothy\My Documents\My Games\LimeWire\LimeWire.exe"="C:\Documents and Settings\Timothy\My Documents\My Games\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Documents and Settings\Timothy\My Documents\LimeWire\LimeWire\LimeWire.exe"="C:\Documents and Settings\Timothy\My Documents\LimeWire\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\game.dat"="C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\game.dat:*:Enabled:The Battle for Middle-earth™ II"
"C:\Program Files\Microsoft Games\Halo Trial\halo.exe"="C:\Program Files\Microsoft Games\Halo Trial\halo.exe:*:Enabled:Halo"
"C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\LimeWire.exe"="C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe"="C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad"
"C:\Program Files\Sony\Station\LaunchPad\_aunchPad.exe"="C:\Program Files\Sony\Station\LaunchPad\_aunchPad.exe:*:Enabled:_aunchPad"
"C:\Documents and Settings\Timothy\Local Settings\Temporary Internet Files\Content.IE5\CYM165WO\installer-22999-19-Counter-Strike-1-6-English[1].exe"="C:\Documents and Settings\Timothy\Local Settings\Temporary Internet Files\Content.IE5\CYM165WO\installer-22999-19-Counter-Strike-1-6-English[1].exe:*:Enabled:installer-22999-19-Counter-Strike-1-6-English[1]"
"C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe"="C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe"="C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade"
"C:\Program Files\CCP\EVE\bin\ExeFile.exe"="C:\Program Files\CCP\EVE\bin\ExeFile.exe:*:Disabled:CCP ExeFile"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msncall.exe"="C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

======List of files/folders created in the last 1 months======

2008-12-16 16:10:28 ----D---- C:\rsit
2008-12-16 16:10:28 ----D---- C:\Program Files\trend micro
2008-12-15 18:41:02 ----ASH---- C:\WINDOWS\system32\4.tmp
2008-12-15 15:46:38 ----SHD---- C:\WINDOWS\system32\GroupPolicyManifest
2008-12-14 22:18:52 ----D---- C:\WINDOWS\ERUNT
2008-12-14 22:12:33 ----D---- C:\SDFix
2008-12-14 08:35:35 ----D---- C:\Avenger
2008-12-14 08:35:34 ----A---- C:\avenger.txt
2008-12-13 15:48:33 ----A---- C:\WINDOWS\system32\70.tmp
2008-12-10 10:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-10 10:13:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-10 10:12:36 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-10 10:10:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-03 10:55:52 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-03 10:55:52 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-03 10:55:52 ----A---- C:\WINDOWS\system32\java.exe
2008-12-03 10:55:52 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-28 22:37:22 ----A---- C:\WINDOWS\GnuHashes.ini
2008-11-28 22:29:41 ----ASH---- C:\WINDOWS\system32\32.tmp
2008-11-28 22:29:34 ----A---- C:\WINDOWS\system32\deimg40132.dll

======List of files/folders modified in the last 1 months======

2008-12-16 16:10:32 ----D---- C:\WINDOWS\Prefetch
2008-12-16 16:10:28 ----AD---- C:\Program Files
2008-12-16 14:47:52 ----D---- C:\WINDOWS\Temp
2008-12-16 14:08:55 ----D---- C:\WINDOWS\system32
2008-12-16 11:03:09 ----D---- C:\WINDOWS\Registration
2008-12-16 08:46:30 ----SHD---- C:\RECYCLER
2008-12-16 08:09:59 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-15 23:46:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-15 23:15:18 ----SHD---- C:\WINDOWS\Installer
2008-12-15 23:15:18 ----D---- C:\Config.Msi
2008-12-14 23:18:00 ----D---- C:\WINDOWS\network diagnostic
2008-12-14 22:23:29 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-14 22:22:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-14 22:18:52 ----D---- C:\WINDOWS
2008-12-14 08:35:35 ----D---- C:\WINDOWS\system32\drivers
2008-12-12 06:35:57 ----D---- C:\WINDOWS\system32\Macromed
2008-12-11 18:52:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-11 18:52:26 ----HD---- C:\WINDOWS\inf
2008-12-10 10:14:05 ----A---- C:\WINDOWS\imsins.BAK
2008-12-10 10:13:56 ----D---- C:\Program Files\Internet Explorer
2008-12-10 10:13:39 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-06 15:59:14 ----A---- C:\WINDOWS\ViewNX.INI
2008-12-04 18:26:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-03 10:55:16 ----D---- C:\Program Files\Java
2008-12-02 23:20:55 ----SHD---- C:\System Volume Information
2008-12-02 23:20:55 ----D---- C:\WINDOWS\system32\Restore
2008-12-02 13:26:30 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-02 12:18:19 ----D---- C:\WINDOWS\Help
2008-12-02 11:41:45 ----D---- C:\Documents and Settings\All Users\Application Data\Motive
2008-11-29 09:05:25 ----A---- C:\WINDOWS\cdplayer.ini
2008-11-27 15:57:29 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 DcCam;Kodak Camera Proxy; C:\WINDOWS\system32\DRIVERS\DcCam.sys [2004-05-20 36918]
R1 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2007-02-20 5632]
R2 ATITUNEP;ATI WDM TV Tuner; C:\WINDOWS\System32\DRIVERS\atintuxx.sys [2003-10-21 56832]
R2 ATIXSAudio;ATI WDM TV Audio Crossbar; C:\WINDOWS\System32\DRIVERS\atinxsxx.sys [2003-10-21 63488]
R2 CINEMSUP;Software Cinemaster NT4.0 Driver; C:\WINDOWS\SYSTEM32\DRIVERS\CINEMSUP.SYS [2001-10-01 6144]
R2 CSS DVP;Dynamic Virus Protection; C:\WINDOWS\system32\DRIVERS\css-dvp.sys [2007-11-26 835792]
R2 DCFS2K;Kodak DCFS2K Driver; C:\WINDOWS\system32\drivers\dcfs2k.sys [2004-06-02 38705]
R2 MVDCODEC;ATI WDM Specialized MVD Codec; C:\WINDOWS\System32\DRIVERS\atinmdxx.sys [2003-10-21 13824]
R2 PCDCODEC;ATI WDM Specialized PCD Codec; C:\WINDOWS\System32\DRIVERS\atinpdxx.sys [2003-10-21 14336]
R2 PfModNT;PfModNT; \??\C:\WINDOWS\system32\drivers\PfModNT.sys []
R2 RPSKT;Security Services Driver (x86); C:\WINDOWS\system32\DRIVERS\rp_skt32.sys [2008-09-27 53192]
R2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys [2008-09-12 40832]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2002-09-16 941516]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-03 701440]
R3 atinrvxx;ATI WDM Rage Theater Video; C:\WINDOWS\System32\DRIVERS\atinrvxx.sys [2003-10-21 104960]
R3 ativraxx;ATI WDM Rage Theater Audio; C:\WINDOWS\System32\DRIVERS\atinraxx.sys [2003-10-21 51712]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys [2004-10-15 15295]
R3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2006-01-18 53248]
R3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2006-01-19 11904]
R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2002-08-29 5888]
R3 RPPKT;Radialpoint Filter (x86); C:\WINDOWS\system32\DRIVERS\rp_pkt32.sys [2007-04-19 48384]
R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [2004-07-16 70400]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\WmBEnum.sys [2004-04-14 10144]
R3 WmXlCore;Logitech WingMan Translation Layer Driver; C:\WINDOWS\system32\drivers\WmXlCore.sys [2004-04-14 44064]
S1 Exportit;Exportit; C:\WINDOWS\system32\DRIVERS\exportit.sys [2004-06-02 151985]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 catchme;catchme; \??\C:\DOCUME~1\Tim\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-05-12 1332544]
S3 DcFpoint;DcFpoint; C:\WINDOWS\system32\DRIVERS\DcFpoint.sys [2004-05-20 61564]
S3 DcLps;Legacy Polling Service; C:\WINDOWS\system32\DRIVERS\DcLps.sys [2004-05-20 8022]
S3 DcPTP;dcptp; C:\WINDOWS\system32\DRIVERS\DcPTP.sys [2004-05-20 68950]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-08-13 65280]
S3 rtl8139;Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\System32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\System32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WinUSB;WinUSB; C:\WINDOWS\system32\DRIVERS\WinUSB.sys [2006-11-02 39368]
S3 WmAdiHid;Logitech WingMan Digital Devices Driver; C:\WINDOWS\system32\drivers\WmAdiHid.sys [2004-04-14 20608]
S3 WmFilter;Logitech WingMan HID Filter Driver; C:\WINDOWS\system32\drivers\WmFilter.sys [2004-04-14 21280]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS\system32\drivers\WmVirHid.sys [2004-04-14 5600]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-10 611664]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-12 44032]
R2 dvpapi;DvpApi; C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe [2007-11-27 177448]
R2 ITMRTSVC;CA Pest Patrol Realtime Protection Service; C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe [2006-12-19 280080]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-03 152984]
R2 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe [2004-05-24 322104]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-02-29 309088]
R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2008-04-28 414984]
R2 RP_FWS;TELUS eProtect Firewall; C:\Program Files\TELUS\TELUS eProtect\Fws.exe [2007-09-13 293104]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 wwEngineSvc;Window Washer Engine; C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-10-03 598856]
R2 ZuneBusEnum;Zune Bus Enumerator; c:\WINDOWS\system32\ZuneBusEnum.exe [2008-09-12 61856]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-12-11 504104]
R3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2008-04-28 738568]
R3 RPSUpdaterR;TELUS eProtect Update Service; C:\Program Files\TELUS\TELUS eProtect\rpsupdaterR.exe [2008-09-27 99056]
S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2003-06-02 282624]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2002-11-07 110677]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Radialpoint Security Services;TELUS eProtect; C:\WINDOWS\system32\dllhost.exe [2008-04-13 5120]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 ZuneNetworkSvc;Zune Network Sharing Service; c:\Program Files\Zune\ZuneNss.exe [2008-09-12 5119392]
S3 ZuneWlanCfgSvc;Zune Wireless Configuration Service; c:\WINDOWS\system32\ZuneWlanCfgSvc.exe [2008-09-12 245664]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-12-16 16:11:37

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->C:\PROGRA~1\TELUSE~1\Uninstall.exe TELUS
-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimAnt\DeIsL1.isu
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimPark\DeIsL7.isu
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimTunes\DeIsL6.isu
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Matrix Communication © 2004-->"C:\Program Files\MaxySoft\3DMatrixCommunication\unins000.exe"
Absolute Fretboard Trainer PRO-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\My Downloads\UnInst.log" "/APPNAME=Absolute Fretboard Trainer PRO"
ACDSee for PENTAX-->MsiExec.exe /I{EED5156C-4BA8-4105-A506-DB9D00F8B68D}
Acoustica MP3 Audio Mixer-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 4.0, 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\setup.exe -runfromtemp -l0x0409
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
American Greetings® Art & More Store-->C:\WINDOWS\IsUninst.exe -f"c:\program files\mindscape\printmaster\Uninst.isu"
America's Army-->MsiExec.exe /I{6C5930D1-E4BC-4A10-AB5A-224C48CBA7E6}
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Multimedia Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76275358-C154-11D5-8D5A-00105A22D3D2}\setup.exe"
AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
Authentium AntiVirus SDK - 2-->MsiExec.exe /I{C70EF769-8296-4ED0-966F-D624BC6D4927}
Broderbund Media Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26346FB6-4F69-453D-95CE-B6BA3A5382F8}\setup.exe" -l0x9 AddRem
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Creating Keepsakes Scrapbook Designer-->MsiExec.exe /I{7E370E0D-004C-4DC8-9986-A43F8C79404E}
Creative Audio Pack-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
EA.com Matchup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe" -l0x0 Uninstall
EA.com Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe" -l0x0 Uninstall
Enable S3 for USB Device-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSEMAIL-->MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Garden Composer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Garden Composer\DeIsL1.isu"
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
GUIDE PLUS+™ for Windows® System - ATI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99D34763-7E45-4FE5-8424-28DBC3A5F0BF}\setup.exe"
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HLPCCTR-->MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPSFO-->MsiExec.exe /I{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HydraVision-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Interactive Reading Journey for Grades 1-2-->C:\WINDOWS\uninst.exe -fC:\Tlcwin\Rj1-2\uninstal\DeIsL1.isu
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_9_25ba061\Setup.exe /APR-REMOVE
KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x9
LogoEase-->MsiExec.exe /I{10E1FC7C-AB9E-4851-AEC7-8A189A1E7281}
Magic Mirror 3.0-->"C:\Program Files\Zeallsoft\Magic Mirror\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Speech API 3.0-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\spchapi.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MuVo Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9 /remove
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
Personalized Learning Center-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Personalized Learning Center\Uninst.isu"
Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
PPSDKRedistributables-->MsiExec.exe /I{C869F4FF-E5FF-4FBB-9A31-33C23605E170}
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
Qloud Plug-in for iTunes-->C:\Program Files\iTunes\Plug-Ins\Qloud\iTunesQLoudSetup.exe /uninstall
QuickTax 2007-->MsiExec.exe /X{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}
Radialpoint Security Services-->MsiExec.exe /X{5DFDEAAA-E050-482E-A5B6-138CAE53F7BF}
Reader Rabbit's Interactive Reading Journey for Grades K-1-->C:\WINDOWS\uninst.exe -fC:\Tlcwin\RJK-1\uninstal\DeIsL1.isu
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
RegCure 1.5.0.0-->C:\Program Files\RegCure\uninst.exe
Rise Of Legends-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CADDE354-C78C-46CB-A006-E2B178EFC271}
RPS Ad Blocker-->MsiExec.exe /I{BAC15E33-870A-4D27-B247-999F6A735B45}
RPS AntiFraud-->MsiExec.exe /I{A642450B-A20E-420D-83F5-DF5C418C50D1}
RPS AntiSpyware-->MsiExec.exe /I{743F47C1-1194-4C70-8565-2E7A21379F4A}
RPS AntiVirus-->MsiExec.exe /I{C66F62AD-551B-428F-9183-F5802333367F}
RPS App Detector-->MsiExec.exe /I{DC626552-2C9D-4C5E-8367-22FB0C1758B0}
RPS AsRealtime-->MsiExec.exe /I{4023AAE4-E434-4028-85C5-8FF4159F7AF6}
RPS Backup-->MsiExec.exe /I{0EFED4A3-64ED-470B-A860-BFA5B470845E}
RPS Burn-->MsiExec.exe /I{E2DAC54C-1560-4F00-B7CD-E9BD89ACFAFD}
RPS Diagnostic Utility-->MsiExec.exe /I{D2E3D944-B08E-4446-B0C2-A0E66CB8A7C0}
RPS Firewall-->MsiExec.exe /I{336844B0-0CB8-4C73-80E6-383FB169BC0E}
RPS ParentalControl-->MsiExec.exe /I{AA47BB0B-933B-49DF-BE3A-17BFA60B7623}
RPS Performance Tool-->MsiExec.exe /I{760E1F3F-F2F6-47C7-B4F0-560B8ACA8999}
RPS PopupBlocker-->MsiExec.exe /I{BD6CB9F6-3AF3-49F0-BBD1-9D13495655F6}
RPS Privacy Manager-->MsiExec.exe /I{3BC4489D-686F-4D34-AD7D-DAB727CC2D85}
RPS RpsCore-->MsiExec.exe /I{5462A3AE-5D32-4613-876E-D0CD1756B6E5}
RPS Security Cleanup-->MsiExec.exe /I{78B7F1F6-9D66-4509-B216-96F4ACBBAC15}
RPS Zip-->MsiExec.exe /I{A62AE053-EB18-4EEF-9EFD-FFE5A4244ADB}
RTLSetup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\setup.exe" -l0x9 REMOVE
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Serif DrawPlus 3.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Serif\dp30\DrawPlus_uninst.isu"
SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2-->MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
Solid State ION Internet Explorer Plugin-->C:\WINDOWS\system32\SolidStateNetworks\SolidStateION\soliduninstall.exe /Uninstall activex
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Stardock Central-->C:\PROGRA~1\Stardock\SDCENT~1\UNWISE.EXE C:\PROGRA~1\Stardock\SDCENT~1\INSTALL.LOG
Stock Study Guide-->C:\WINDOWS\uninst.exe -f"C:\Program Files\CSA Computing\Stock Study Guide\DeIsL1.isu" -c"C:\Program Files\CSA Computing\Stock Study Guide\_ISREG32.DLL"
TELUS eCare-->C:\WINDOWS\Motive\TELUS\MCCUninst.exe
TELUS eProtect Advisor 1.5.12-->"C:\Program Files\TELUS\eProtect Advisor\unins000.exe"
TELUS eProtect-->C:\Program Files\InstallShield Installation Information\{045FE8EA-F79B-4629-B680-D8E52EFCD189}\setup.exe -runfromtemp -l0x0009 -removeonly
The 2000 Canadian Encyclopedia-National Edition-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TCE-LEC 2000 National\Uninst.isu"
The Print Shop-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}\setup.exe" -l0x9 anything
The SmithMan Calculator-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SmithMan\ST6UNST.LOG"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VCAMCEN-->MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
ViewNX-->MsiExec.exe /X{F007CBCE-D714-4C0B-8CE9-9B0D78116468}
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Widget Workshop-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Maxis\Widget Workshop\DeIsL1.isu"
Window Washer-->C:\WINDOWS\Unwash6.exe
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar-->MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wyvern Client-->C:\PROGRA~1\JavaSoft\JRE1.4\14268D~1.2\bin\javaw.exe -cp C:\PROGRA~1\JavaSoft\JRE1.4\14268D~1.2\JEXPRE~1.JAR com.denova.JExpress.Uninstaller.JUninstall C:\wyvern\client\JExpress\UNINST~1
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->c:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: TELUS eProtect Anti-Virus (disabled)
FW: TELUS eProtect Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\iTunes\Plug-Ins\Qloud\;C:\Program Files\CA\PPRT\bin
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.04 2008-12-16 16:11:37

======Uninstall list======

-->"C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0009
-->"C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
-->C:\PROGRA~1\TELUSE~1\Uninstall.exe TELUS
-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimAnt\DeIsL1.isu
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimPark\DeIsL7.isu
-->C:\WINDOWS\uninst.exe -fC:\Maxis\SimTunes\DeIsL6.isu
-->MsiExec.exe /I{8A42F680-2DD6-11D4-9A8C-0040F6982C20}
-->MsiExec.exe /I{A2529672-574A-4A99-86A5-C1770A0E31FE}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9 /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3D Matrix Communication © 2004-->"C:\Program Files\MaxySoft\3DMatrixCommunication\unins000.exe"
Absolute Fretboard Trainer PRO-->C:\WINDOWS\GPInstall.exe "/UNINST=C:\My Downloads\UnInst.log" "/APPNAME=Absolute Fretboard Trainer PRO"
ACDSee for PENTAX-->MsiExec.exe /I{EED5156C-4BA8-4105-A506-DB9D00F8B68D}
Acoustica MP3 Audio Mixer-->C:\PROGRA~1\ACOUST~1\UNWISE.EXE C:\PROGRA~1\ACOUST~1\INSTALL.LOG
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Acrobat 4.0, 5.0-->C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Shockwave Player 11-->C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\setup.exe -runfromtemp -l0x0409
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
American Greetings® Art & More Store-->C:\WINDOWS\IsUninst.exe -f"c:\program files\mindscape\printmaster\Uninst.isu"
America's Army-->MsiExec.exe /I{6C5930D1-E4BC-4A10-AB5A-224C48CBA7E6}
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ATI Control Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\System32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
ATI Multimedia Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76275358-C154-11D5-8D5A-00105A22D3D2}\setup.exe"
AudibleManager-->C:\Program Files\Audible\Bin\Upgrade.exe /Uninstall
Authentium AntiVirus SDK - 2-->MsiExec.exe /I{C70EF769-8296-4ED0-966F-D624BC6D4927}
Broderbund Media Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26346FB6-4F69-453D-95CE-B6BA3A5382F8}\setup.exe" -l0x9 AddRem
Brother MFL-Pro Suite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}\Setup.exe" -l0x9 Brunin03.dll -removeonly
CardRd81-->MsiExec.exe /I{54C8FE84-89C4-40E8-976C-439EB0729BD6}
CCHelp-->MsiExec.exe /I{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
C-Media WDM Audio Driver-->C:\WINDOWS\system32\cmirmdrv.exe
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
CR2-->MsiExec.exe /I{432C3720-37BF-4BD7-8E49-F38E090246D0}
Creating Keepsakes Scrapbook Designer-->MsiExec.exe /I{7E370E0D-004C-4DC8-9986-A43F8C79404E}
Creative Audio Pack-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5EEE551B-7692-4D68-91BF-DAD745243AFB}\setup.exe" -l0x9 /remove
Creative MediaSource 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9 /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
EA.com Matchup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe" -l0x0 Uninstall
EA.com Update-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe" -l0x0 Uninstall
Enable S3 for USB Device-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"
EPSON Printer Software-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r
ESSAdpt-->MsiExec.exe /I{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}
ESSANUP-->MsiExec.exe /I{A6F18A67-B771-4191-8A33-36D2E742D6D9}
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCAM-->MsiExec.exe /I{469730CC-78DF-4CD3-B286-562D459EA619}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}
ESSCT-->MsiExec.exe /I{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}
ESSEMAIL-->MsiExec.exe /I{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESShelp-->MsiExec.exe /I{87843A41-7808-4F2E-B13F-25C1E67CF2FD}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSSONIC-->MsiExec.exe /I{4F677FC7-7AA8-412B-A957-F13CBE1C7331}
ESSTUTOR-->MsiExec.exe /I{CA60320D-6A16-49C8-A34F-84EEF4799567}
ESSvpaht-->MsiExec.exe /I{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}
ESSvpot-->MsiExec.exe /I{48C82F7A-F100-4DAB-A310-8E18BF2159E1}
Garden Composer-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Garden Composer\DeIsL1.isu"
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"
GUIDE PLUS+™ for Windows® System - ATI-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{99D34763-7E45-4FE5-8424-28DBC3A5F0BF}\setup.exe"
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HLPCCTR-->MsiExec.exe /I{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}
HLPIndex-->MsiExec.exe /I{38441BE7-79B0-42B8-8297-833704F949FE}
HLPPDOCK-->MsiExec.exe /I{154508C0-07C5-4659-A7A0-E49968750D21}
HLPSFO-->MsiExec.exe /I{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
HydraVision-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}\setup.exe"
Interactive Reading Journey for Grades 1-2-->C:\WINDOWS\uninst.exe -fC:\Tlcwin\Rj1-2\uninstal\DeIsL1.isu
InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
iTunes-->MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_9_25ba061\Setup.exe /APR-REMOVE
KSU-->MsiExec.exe /I{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}
Logitech Gaming Software-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B9242864-2841-4ADE-86E0-8F90F91B04DD}\setup.exe" -l0x9
LogoEase-->MsiExec.exe /I{10E1FC7C-AB9E-4851-AEC7-8A189A1E7281}
Magic Mirror 3.0-->"C:\Program Files\Zeallsoft\Magic Mirror\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework (English) v1.0.3705-->C:\WINDOWS\Microsoft.NET\Framework\Install.exe /u /p Microsoft .NET Framework Full v1.0.3705 (1033)
Microsoft .NET Framework (English)-->MsiExec.exe /X{B43357AA-3A6D-4D94-B56E-43C44D09E548}
Microsoft .NET Framework 1.0 Hotfix (KB928367)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Updates\M928367\M928367Uninstall.msp"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Data Access Components KB870669-->C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Speech API 3.0-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\spchapi.inf, Uninstall
Microsoft User-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWudf01007$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Web Publishing Wizard 1.52-->RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie4x86.inf,WebPostUninstall
Microsoft Windows Journal Viewer-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft WinUsb 1.0-->"C:\WINDOWS\$NtUninstallwinusb0100$\spuninst\spuninst.exe"
Microsoft Zoo Tycoon-->"C:\Program Files\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE" /runtemp /addremove
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML4 Parser-->MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
MuVo Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5AAFE9B0-B60B-4B12-B22D-6B15507502E5}\setup.exe" -l0x9 /remove
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nikon Message Center-->MsiExec.exe /X{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
Nikon Transfer-->MsiExec.exe /X{E9757890-7EC5-46C8-99AB-B00F07B6525C}
Notifier-->MsiExec.exe /I{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OTtBP-->MsiExec.exe /I{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}
OTtBPSDK-->MsiExec.exe /I{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}
PaperPort-->MsiExec.exe /I{71C97545-E547-4A8B-B0C8-61FF853270AC}
PCDLNCH-->MsiExec.exe /I{69BD6399-3D8F-45B7-81D9-819361F5101D}
PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7}
Personalized Learning Center-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\The Learning Company\Personalized Learning Center\Uninst.isu"
Picture Control Utility-->MsiExec.exe /X{87441A59-5E64-4096-A170-14EFE67200C3}
PPSDKRedistributables-->MsiExec.exe /I{C869F4FF-E5FF-4FBB-9A31-33C23605E170}
PrintMaster 7.00-->c:\PROGRA~1\MINDSC~1\PRINTM~1\uninst32.exe /IFirst
Qloud Plug-in for iTunes-->C:\Program Files\iTunes\Plug-Ins\Qloud\iTunesQLoudSetup.exe /uninstall
QuickTax 2007-->MsiExec.exe /X{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}
Radialpoint Security Services-->MsiExec.exe /X{5DFDEAAA-E050-482E-A5B6-138CAE53F7BF}
Reader Rabbit's Interactive Reading Journey for Grades K-1-->C:\WINDOWS\uninst.exe -fC:\Tlcwin\RJK-1\uninstal\DeIsL1.isu
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
RegCure 1.5.0.0-->C:\Program Files\RegCure\uninst.exe
Rise Of Legends-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CADDE354-C78C-46CB-A006-E2B178EFC271}
RPS Ad Blocker-->MsiExec.exe /I{BAC15E33-870A-4D27-B247-999F6A735B45}
RPS AntiFraud-->MsiExec.exe /I{A642450B-A20E-420D-83F5-DF5C418C50D1}
RPS AntiSpyware-->MsiExec.exe /I{743F47C1-1194-4C70-8565-2E7A21379F4A}
RPS AntiVirus-->MsiExec.exe /I{C66F62AD-551B-428F-9183-F5802333367F}
RPS App Detector-->MsiExec.exe /I{DC626552-2C9D-4C5E-8367-22FB0C1758B0}
RPS AsRealtime-->MsiExec.exe /I{4023AAE4-E434-4028-85C5-8FF4159F7AF6}
RPS Backup-->MsiExec.exe /I{0EFED4A3-64ED-470B-A860-BFA5B470845E}
RPS Burn-->MsiExec.exe /I{E2DAC54C-1560-4F00-B7CD-E9BD89ACFAFD}
RPS Diagnostic Utility-->MsiExec.exe /I{D2E3D944-B08E-4446-B0C2-A0E66CB8A7C0}
RPS Firewall-->MsiExec.exe /I{336844B0-0CB8-4C73-80E6-383FB169BC0E}
RPS ParentalControl-->MsiExec.exe /I{AA47BB0B-933B-49DF-BE3A-17BFA60B7623}
RPS Performance Tool-->MsiExec.exe /I{760E1F3F-F2F6-47C7-B4F0-560B8ACA8999}
RPS PopupBlocker-->MsiExec.exe /I{BD6CB9F6-3AF3-49F0-BBD1-9D13495655F6}
RPS Privacy Manager-->MsiExec.exe /I{3BC4489D-686F-4D34-AD7D-DAB727CC2D85}
RPS RpsCore-->MsiExec.exe /I{5462A3AE-5D32-4613-876E-D0CD1756B6E5}
RPS Security Cleanup-->MsiExec.exe /I{78B7F1F6-9D66-4509-B216-96F4ACBBAC15}
RPS Zip-->MsiExec.exe /I{A62AE053-EB18-4EEF-9EFD-FFE5A4244ADB}
RTLSetup-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}\setup.exe" -l0x9 REMOVE
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB929969)-->"C:\WINDOWS\ie7updates\KB929969\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Serif DrawPlus 3.0-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Serif\dp30\DrawPlus_uninst.isu"
SFR-->MsiExec.exe /I{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}
SFR2-->MsiExec.exe /I{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Smart Menus (Windows Live Toolbar)-->MsiExec.exe /X{F084395C-40FB-4DB3-981C-B51E74E1E83D}
Solid State ION Internet Explorer Plugin-->C:\WINDOWS\system32\SolidStateNetworks\SolidStateION\soliduninstall.exe /Uninstall activex
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins001.exe"
Stardock Central-->C:\PROGRA~1\Stardock\SDCENT~1\UNWISE.EXE C:\PROGRA~1\Stardock\SDCENT~1\INSTALL.LOG
Stock Study Guide-->C:\WINDOWS\uninst.exe -f"C:\Program Files\CSA Computing\Stock Study Guide\DeIsL1.isu" -c"C:\Program Files\CSA Computing\Stock Study Guide\_ISREG32.DLL"
TELUS eCare-->C:\WINDOWS\Motive\TELUS\MCCUninst.exe
TELUS eProtect Advisor 1.5.12-->"C:\Program Files\TELUS\eProtect Advisor\unins000.exe"
TELUS eProtect-->C:\Program Files\InstallShield Installation Information\{045FE8EA-F79B-4629-B680-D8E52EFCD189}\setup.exe -runfromtemp -l0x0009 -removeonly
The 2000 Canadian Encyclopedia-National Edition-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TCE-LEC 2000 National\Uninst.isu"
The Print Shop-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}\setup.exe" -l0x9 anything
The SmithMan Calculator-->C:\WINDOWS\st6unst.exe -n "C:\Program Files\SmithMan\ST6UNST.LOG"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
VCAMCEN-->MsiExec.exe /I{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
ViewNX-->MsiExec.exe /X{F007CBCE-D714-4C0B-8CE9-9B0D78116468}
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Widget Workshop-->C:\WINDOWS\uninst.exe -f"C:\Program Files\Maxis\Widget Workshop\DeIsL1.isu"
Window Washer-->C:\WINDOWS\Unwash6.exe
Windows Genuine Advantage v1.3.0254.0-->MsiExec.exe /I{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Windows Live Sign-in Assistant-->MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Live Toolbar Extension (Windows Live Toolbar)-->MsiExec.exe /X{341201D4-4F61-4ADB-987E-9CCE4D83A58D}
Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Live Toolbar-->MsiExec.exe /X{D5A145FC-D00C-4F1A-9119-EB4D9D659750}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 10 Hotfix - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Wyvern Client-->C:\PROGRA~1\JavaSoft\JRE1.4\14268D~1.2\bin\javaw.exe -cp C:\PROGRA~1\JavaSoft\JRE1.4\14268D~1.2\JEXPRE~1.JAR com.denova.JExpress.Uninstaller.JUninstall C:\wyvern\client\JExpress\UNINST~1
Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe"
Zune Language Pack (ES)-->MsiExec.exe /X{EE4ACABF-531E-419A-9225-B8E0FA4955AF}
Zune Language Pack (FR)-->MsiExec.exe /X{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}
Zune-->c:\Program Files\Zune\ZuneSetup.exe /x
Zune-->MsiExec.exe /X{FF70513F-E3A7-402F-84FB-B7810A064BE2}

======Hosts File======

127.0.0.1 localhost

======Security center information======

AV: TELUS eProtect Anti-Virus (disabled)
FW: TELUS eProtect Firewall

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\iTunes\Plug-Ins\Qloud\;C:\Program Files\CA\PPRT\bin
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 6 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=0602
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip

-----------------EOF-----------------


I hope this helps

I'm not sure how to give you the link to my other tries but it is under "Trojan and who know what?"

Help please!!!

Tim

Edited by Orange Blossom, 17 December 2008 - 12:40 AM.


BC AdBot (Login to Remove)

 


#2 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 22 December 2008 - 11:52 AM

Haven't had a reply in five days?

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 25 December 2008 - 06:15 PM

Hi

My name is Extremeboy (or EB for short), and I will be helping you with your log.

I apologize for the delay in response. We get overwhelmed with logs at times, but we are trying our best to keep up. If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following so I can have a look at the current condition of your machine.

If you do not make a reply in 5 days, we will need to close your topic.

You may want to keep the link to this topic in your favourites. Alternatively, you can click the Posted Image button at the top bar of this topic and Track this Topic. The topics you are tracking can be found here.

Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
  • Please reply using the Posted Image button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Old topics are closed after 3 days with no reply, and working topics are closed after 5 days. If for any reason you cannot complete instructions within that time, that's fine, just post back here so that we know you're still here.
Download and Run OTViewit
  • Please download OTViewIt by OldTimer.
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
  • OTViewIt.txt <-- Will be opened
  • Extra.txt <-- Will be minimized
Run Kaspersky Online Scanner
Please do a scan with Kaspersky Online Scanner.

This scan is for Internet Explorer only.

If you are using Windows Vista, open your browser by right-clicking on its icon and select Run as administrator to perform this scan.
  • Open the Kaspersky Scanner page.
  • Click on Accept and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
You can refer to this animation by sundavis.

Download and Run Scan with GMER

We will use GMER to scan for rootkits.
  • Download gmer.zip and save to your desktop.
    Alternate Download Site 1
    Alternate Download Site 2
  • Unzip/extract the file to its own folder. (Click here for information on how to do this if not sure. Win 2000 users click here.
  • When you have done this, disconnect from the Internet and close all running programs.
    There is a small chance this application may crash your computer so save any work you have open.
  • Double-click on Gmer.exe to start the program.
  • Allow the gmer.sys driver to load if asked.
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Click the >>>
  • Click on Settings, then check the first five settings:
    • System Protection and Tracing
    • Processes
    • Save created processes to the log
    • Drivers
    • Save loaded drivers to the log
  • You will be prompted to restart your computer. Please do so.
After the reboot, run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for Show All.
  • Click on the Scan and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. You will know that the scan is done when the Stop buttons turns back to Scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose New>Text document. Once the file is created, open it and right-click again and choose Paste. Save the file as gmer.txt and copy the information in your next reply.
Important!:Please do not select the Show all checkbox during the scan..

In your next reply please include the following:
  • OTViewIt.txt
  • Extra.txt
  • Kaspersky's Log
  • GMER log

Important Note: For other users who are reading this topic,the instructions provided in this topic are for the original topic starter ONLY. Even if you have similar problems or even log entries to those given here, please do not follow the directions, especially those involving specific tools and scripts. Doing so can result in serious damage to your computer. Instead, please start your own topic and feel free to link to any relevant topics as needed.Please Do NOT follow the instructions provided for this topic.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#4 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 30 December 2008 - 05:25 PM

Hi EB

Just got back from a short trip and opened my computer and found your log. I am having trouble getting online with my desktop but will post as soon as i can with results.

tenno

#5 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 31 December 2008 - 05:14 PM

Hello.

Thanks for letting me know.

Do you have another Computer, encase your infected computer's connection doesn't work we can at least transfer some of the files we need to run/use to your infected machine using a CD Burner?

Post back with at least the:
-GMER log
-OTViewIT log


If Kaspersky doesn't work then just skip it and tell me.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#6 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 05 January 2009 - 05:49 PM

I tried to post last night but I see it didn't go through, I'll try again.

tenno

#7 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 05 January 2009 - 05:59 PM

Hello.

Thanks for letting me know. Post back when you are ready. Please understand that I will be away some-time this week so there may be some delays in my response. Sorry. :thumbsup:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#8 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 05 January 2009 - 06:02 PM

I hope this works

OTViewIt logfile created on: 02/01/2009 4:07:32 PM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Tim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 463.57 Mb Available Physical Memory | 45.29% Memory free
1.66 Gb Paging File | 1.17 Gb Available in Paging File | 70.81% Paging File free
Paging file location(s): C:\pagefile.sys 766 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.56 Gb Total Space | 18.51 Gb Free Space | 24.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 74.52 Gb Total Space | 52.19 Gb Free Space | 70.04% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-5JZ7DQJ4J5
Current User Name: Tim
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: Off
File Age = 30 Days

========== Processes ==========

[2007/09/13 15:21:50 | 00,293,104 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS eProtect\Fws.exe
[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
[2007/09/06 12:28:18 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
[1999/12/12 17:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE
[2007/11/27 13:02:46 | 00,177,448 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
[2006/12/19 12:45:16 | 00,280,080 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
[2008/12/03 10:55:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
[2004/05/24 11:35:52 | 00,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe
[2008/02/29 14:16:00 | 00,309,088 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe
[2008/04/28 06:23:28 | 00,414,984 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
[2007/10/03 09:23:42 | 00,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe
[2008/09/12 18:46:32 | 00,061,856 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneBusEnum.exe
[2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
[2008/04/28 06:23:36 | 00,738,568 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
[2001/08/08 12:17:20 | 00,043,520 | R--- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WFXSNT40.EXE
[2003/02/28 15:32:01 | 00,151,597 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
[2002/09/10 18:57:20 | 00,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\SOUNDMAN.EXE
[2003/06/17 14:43:42 | 00,208,896 | ---- | M] (ACD Systems, Ltd.) -- C:\Program Files\ACD Systems\DevDetect\DevDetect.exe
[2005/03/17 13:25:54 | 00,057,393 | ---- | M] (ScanSoft, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
[2006/06/28 06:46:30 | 00,622,592 | ---- | M] () -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
[2008/12/03 10:55:26 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
[2007/12/11 12:10:26 | 00,267,048 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
[2008/09/12 18:46:32 | 00,160,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
[2007/05/14 08:10:38 | 02,061,816 | ---- | M] (TELUS) -- C:\Program Files\TELUS\eProtect Advisor\TEPA.exe
[2007/09/13 15:22:08 | 00,310,000 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS eProtect\RPS.exe
[2008/02/25 07:22:54 | 01,468,256 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe
[2008/10/24 12:54:28 | 00,393,216 | ---- | M] (TELUS) -- C:\Program Files\TELUS eCare\SmartBridge\MotiveSB.exe
[2007/07/07 21:35:04 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[2008/09/16 12:16:08 | 01,833,296 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[2007/10/18 19:10:42 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
[2007/05/14 08:10:40 | 00,292,344 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\TELUS\eProtect Advisor\TEPAComHandler.exe
[2008/09/27 12:45:52 | 00,099,056 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\TELUS\TELUS eProtect\rpsupdaterR.exe
[2006/03/01 15:06:22 | 00,069,632 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
[2007/12/11 12:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
[2003/02/28 15:32:01 | 00,053,293 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realevent.exe
[2008/04/13 16:12:33 | 00,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
[2008/10/14 23:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
[2009/01/02 16:05:04 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTViewIt.exe
[2008/04/13 16:12:18 | 00,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dwwin.exe
[2008/04/13 16:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe
[2008/04/13 16:12:29 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\notepad.exe

========== (O23) Win32 Services ==========

[2008/09/10 13:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
[2007/09/06 12:28:18 | 00,110,592 | ---- | M] (Apple, Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
[2005/09/23 06:28:32 | 00,029,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
[2003/06/02 18:30:20 | 00,282,624 | ---- | M] () -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller [Auto | Stopped])
[2002/11/07 21:00:00 | 00,110,677 | ---- | M] () -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart [Auto | Stopped])
[2005/09/23 06:28:56 | 00,066,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
[1999/12/12 17:01:00 | 00,044,032 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\system32\CTSVCCDA.EXE -- (Creative Service for CDROM Access [Auto | Running])
[2007/11/27 13:02:46 | 00,177,448 | R--- | M] (Authentium, Inc.) -- C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe -- (dvpapi [Auto | Running])
[2007/01/27 09:32:06 | 00,138,168 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
[2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
[2007/12/11 12:10:16 | 00,504,104 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
[2006/12/19 12:45:16 | 00,280,080 | ---- | M] (CA, Inc.) -- C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe -- (ITMRTSVC [Auto | Running])
[2008/12/03 10:55:26 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
[2004/05/24 11:35:52 | 00,322,104 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\KodakCCS.exe -- (KodakCCS [Auto | Running])
[2008/02/29 14:16:00 | 00,309,088 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\Common Files\Motive\McciCMService.exe -- (McciCMService [Auto | Running])
[2008/04/28 06:23:28 | 00,414,984 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDAgent.exe -- (PDAgent [Auto | Running])
[2008/04/28 06:23:36 | 00,738,568 | ---- | M] (Raxco Software, Inc.) -- C:\Program Files\Raxco\PerfectDisk\PDEngine.exe -- (PDEngine [On_Demand | Running])
[2008/09/27 12:45:52 | 00,099,056 | ---- | M] (Radialpoint Inc.) -- C:\Program Files\TELUS\TELUS eProtect\rpsupdaterR.exe -- (RPSUpdaterR [On_Demand | Running])
[2007/09/13 15:21:50 | 00,293,104 | ---- | M] (TELUS) -- C:\Program Files\TELUS\TELUS eProtect\Fws.exe -- (RP_FWS [Auto | Running])
[2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
[2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Auto | Running])
[2007/10/03 09:23:42 | 00,598,856 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Washer\WasherSvc.exe -- (wwEngineSvc [Auto | Running])
[2008/09/12 18:46:32 | 00,061,856 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneBusEnum.exe -- (ZuneBusEnum [Auto | Running])
[2008/09/12 18:48:54 | 05,119,392 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc [On_Demand | Stopped])
[2008/09/12 18:48:22 | 00,245,664 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\system32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc [On_Demand | Stopped])

========== Driver Services ==========

[2002/09/16 02:25:02 | 00,941,516 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM [On_Demand | Running])
[2008/04/13 10:31:33 | 00,037,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\amdk7.sys -- (AmdK7 [System | Running])
[2004/08/03 21:29:26 | 00,701,440 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag [On_Demand | Running])
[2003/10/21 10:20:56 | 00,104,960 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinrvxx.sys -- (atinrvxx [On_Demand | Running])
[2003/10/21 10:16:12 | 00,056,832 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atintuxx.sys -- (ATITUNEP [Auto | Running])
[2003/10/21 10:19:12 | 00,051,712 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinraxx.sys -- (ativraxx [On_Demand | Running])
[2003/10/21 10:20:00 | 00,063,488 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinxsxx.sys -- (ATIXSAudio [Auto | Running])
[2004/10/15 11:50:20 | 00,015,295 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb [On_Demand | Running])
[2006/01/18 21:44:46 | 00,053,248 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf [On_Demand | Running])
[2006/01/19 02:17:38 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer [On_Demand | Running])
[2001/10/01 15:29:22 | 00,006,144 | ---- | M] (Ravisent Technologies, Inc.) -- C:\WINDOWS\system32\drivers\cinemsup.sys -- (CINEMSUP [Auto | Running])
[2005/05/12 13:21:08 | 01,332,544 | ---- | M] (C-Media Inc) -- C:\WINDOWS\system32\drivers\cmuda.sys -- (cmuda [On_Demand | Stopped])
[2007/11/26 15:33:52 | 00,835,792 | ---- | M] (Authentium, Inc) -- C:\WINDOWS\system32\drivers\Css-Dvp.sys -- (CSS DVP [Auto | Running])
[2004/05/20 07:21:10 | 00,036,918 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\DcCam.sys -- (DcCam [System | Running])
[2004/05/20 07:41:54 | 00,061,564 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\DcFpoint.sys -- (DcFpoint [On_Demand | Stopped])
[2004/06/02 12:19:00 | 00,038,705 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\DCFS2k.sys -- (DCFS2K [Auto | Running])
[2004/05/20 07:39:42 | 00,008,022 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\DcLps.sys -- (DcLps [On_Demand | Stopped])
[2004/05/20 07:45:20 | 00,068,950 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\DcPtp.sys -- (DcPTP [On_Demand | Stopped])
[2008/04/25 05:38:22 | 00,071,184 | ---- | M] (Raxco Software, Inc.) -- C:\WINDOWS\System32\drivers\DefragFs.sys -- (DefragFS [Boot | Running])
[2004/06/02 12:17:56 | 00,151,985 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\drivers\ExportIt.sys -- (Exportit [System | Stopped])
[2008/04/13 10:45:29 | 00,010,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum [On_Demand | Running])
[2006/09/19 15:44:04 | 00,015,664 | ---- | M] (GEAR Software Inc.) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
[2008/04/13 10:39:48 | 00,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid [System | Stopped])
[2007/09/26 09:43:15 | 00,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50 [On_Demand | Stopped])
[2004/11/22 15:36:34 | 00,019,345 | ---- | M] (Motive, Inc.) -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5 [On_Demand | Stopped])
[2004/11/22 15:36:39 | 00,018,003 | ---- | M] (Motive, Inc.) -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5 [On_Demand | Stopped])
[2007/09/26 09:43:13 | 00,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50 [On_Demand | Stopped])
[2001/08/17 06:00:04 | 00,002,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401 [On_Demand | Running])
[2003/10/21 10:23:00 | 00,013,824 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinmdxx.sys -- (MVDCODEC [Auto | Running])
[2005/01/05 13:43:06 | 00,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\WINDOWS\system32\npptNT2.sys -- (NPPTNT2 [System | Running])
[2003/10/21 10:23:14 | 00,014,336 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\drivers\atinpdxx.sys -- (PCDCODEC [Auto | Running])
[2003/03/05 11:19:28 | 00,015,840 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\drivers\PfModNT.sys -- (PfModNT [Auto | Running])
[2002/08/29 12:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink [On_Demand | Running])
[2007/03/07 15:51:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\system32\drivers\pxhelp20.sys -- (PxHelp20 [Boot | Running])
[2002/08/29 12:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM [On_Demand | Running])
[2007/04/19 10:36:50 | 00,048,384 | ---- | M] (Radialpoint, Inc.) -- C:\WINDOWS\system32\drivers\rp_pkt32.sys -- (RPPKT [On_Demand | Running])
[2008/09/27 12:45:55 | 00,053,192 | ---- | M] (Radialpoint Inc.) -- C:\WINDOWS\system32\drivers\rp_skt32.sys -- (RPSKT [Auto | Running])
[2003/08/13 14:27:22 | 00,065,280 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnic51.sys -- (RTL8023 [On_Demand | Stopped])
[2004/07/16 13:19:52 | 00,070,400 | ---- | M] (Realtek Semiconductor Corporation ) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp [On_Demand | Running])
[2004/08/03 21:31:32 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139 [On_Demand | Stopped])
[2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv [Auto | Running])
[2007/02/20 13:07:56 | 00,005,632 | R--- | M] () -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen [System | Running])
[2008/04/13 10:45:12 | 00,060,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio [On_Demand | Stopped])
[2003/07/02 03:42:00 | 00,027,904 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1 [Boot | Running])
[2008/03/27 15:27:46 | 00,503,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000 [On_Demand | Running])
[2006/11/02 07:00:08 | 00,039,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB [On_Demand | Stopped])
[2004/04/14 11:08:00 | 00,020,608 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmAdiHid.sys -- (WmAdiHid [On_Demand | Stopped])
[2004/04/14 11:08:00 | 00,010,144 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum [On_Demand | Running])
[2004/04/14 11:08:00 | 00,021,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter [On_Demand | Stopped])
[2004/04/14 11:08:00 | 00,005,600 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid [On_Demand | Stopped])
[2004/04/14 11:08:00 | 00,044,064 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore [On_Demand | Running])
[2008/09/12 18:32:04 | 00,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\zumbus.sys -- (zumbus [Auto | Running])

========== (R ) Internet Explorer ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main]
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Default_Search_URL"=http://www.google.com/ie
"Default_Secondary_Page_URL"=
"Extensions Off Page"=about:NoAdd-ons
"Search Page"=http://www.google.com
"Security Risk Page"=about:SecurityRisk
"Start Page"=http://www.google.com

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search]
"CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
"Default_Search_URL"=http://www.google.com/ie
"SearchAssistant"=http://www.google.com

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://www.google.com
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Start Page"=http://www.mytelus.com/new_homepage/

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.a-power.com/

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.a-power.com/

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.a-power.com/

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main]
"Start Page"=http://www.a-power.com/

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Internet Explorer\Main]
"Page_Transitions"=
"Search Page"=http://www.google.com
"SearchMigratedDefaultName"=Google
"SearchMigratedDefaultURL"=http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
"Start Page"=http://www.mytelus.com/new_homepage/

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Internet Explorer\Search]
"SearchAssistant"=http://www.google.com

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\SearchURL]
""=http://www.google.com/search?q=%s

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" (HKLM) -- C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = 0
"ProxyOverride" = 127.0.0.1

========== (O1) Hosts File ==========

HOSTS File = (686 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
First 25 entries...
127.0.0.1 localhost

========== (O2) BHO's ==========

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (HKLM) -- C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
{DBC80044-A445-435b-BC74-9C25C1C588A9} (HKLM) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} (HKLM) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

========== (O3) Toolbars ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar]
"{D0943516-5076-4020-A3B5-AEFAF26AB263}" (HKLM) -- C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" (HKLM) -- c:\Program Files\Google\GoogleToolbar4.dll (Google Inc.)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}" (HKLM) -- Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" (HKLM) -- C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

========== (O4) Run Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"brastk"=brastk.exe File not found
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN ()
"Camera Detector"=C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun (ACD Systems, Ltd.)
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
"-FreedomNeedsReboot"="C:\Program Files\TELUS\TELUS eProtect\ZkRunOnceR.exe" (TELUS)
"HydarVisionDesktopManager"= File not found
"IndexSearch"=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.)
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
"Motive SmartBridge"=C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe (TELUS)
"PaperPort PTD"=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.)
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime (Apple Inc.)
"SoundMan"=SOUNDMAN.EXE (Avance Logic, Inc.)
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot (Scansoft, Inc.)
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
"TELUS eProtect"="C:\Program Files\TELUS\TELUS eProtect\Rps.exe" (TELUS)
"TELUS_McciTrayApp"=C:\Program Files\TELUS\TELUS Support Centre\bin\McciTrayApp.exe (Motive Communications, Inc.)
"TEPA.exe"="C:\Program Files\TELUS\eProtect Advisor\TEPA.exe" /AUTORUN (TELUS)
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
"WinFaxAppPortStarter"=wfxsnt40.exe (Microsoft Corporation)
"Zune Launcher"="c:\Program Files\Zune\ZuneLauncher.exe" (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATI Launchpad"= File not found
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATI Launchpad"= File not found
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

========== (O4) RunOnce Keys ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe" (TELUS)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe" (TELUS)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"IndexCleaner"="C:\Program Files\TELUS\TELUS eProtect\IdxClnR.exe" (TELUS)

========== (O4) Startup Folders ==========

[2001/02/13 01:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
[2004/03/16 16:49:50 | 00,217,088 | ---- | M] (Motive Communications, Inc.) -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TELUS eCare.lnk = C:\Program Files\TELUS eCare\bin\matcli.exe
[2004/12/07 16:45:09 | 00,325,632 | ---- | M] () -- C:\Documents and Settings\Ann\Start Menu\Programs\Startup\Event Reminder.lnk = C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE
File not found --
[2007/10/18 19:10:42 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Documents and Settings\Tim\Start Menu\Programs\Startup\Nikon Monitor.lnk = C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe

========== (O6 & O7) Current Version Policies ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"NoDriveTypeAutoRun"=145

========== (O8) IE Context Menu Extensions ==========

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\]
&Search: File not found
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)
Open in new background tab: C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui File not found
Open in new foreground tab: C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui File not found

[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: Reg Error: Key does not exist or could not be opened. File not found
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\MenuExt\]
&Windows Live Search: Reg Error: Key does not exist or could not be opened. File not found
E&xport to Microsoft Excel: Reg Error: Key does not exist or could not be opened. File not found

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\Software\Microsoft\Internet Explorer\MenuExt\]
&Search: File not found
&Windows Live Search: C:\Program Files\Windows Live Toolbar\msntb.dll [2007/10/19 11:20:48 | 00,546,320 | ---- | M] (Microsoft Corporation)
E&xport to Microsoft Excel: C:\Program Files\Microsoft Office\Office10\EXCEL.EXE [2008/10/28 16:07:58 | 09,362,248 | R--- | M] (Microsoft Corporation)
Open in new background tab: C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui File not found
Open in new foreground tab: C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui File not found

========== (O9) IE Extensions ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
{44226DFF-747E-4edc-B30C-78752E50CD0C}: Button: ATI TV -- %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [2001/08/24 08:27:34 | 00,131,072 | ---- | M] (ATI Technologies Inc.)
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Button: PartyPoker.com -- File not found
{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}: Menu: PartyPoker.com -- File not found
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}: Menu: Spybot - Search && Destroy Configuration -- %ProgramFiles%\Spybot - Search & Destroy\SDHelper.dll [2008/09/15 14:25:44 | 01,562,960 | ---- | M] (Safer Networking Limited)
{e2e2dd38-d088-4134-82b7-f2ba38496583}: Menu: @xpsp3res.dll,-20001 -- %SystemRoot%\network diagnostic\xpnetdiag.exe [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Button: Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}: Menu: Windows Messenger -- %ProgramFiles%\Messenger\msmsgs.exe [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{3E230861-5C87-11D3-A1C6-00105A1B41B8} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{44226DFF-747E-4edc-B30C-78752E50CD0C} [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [&ATI TV] -> [2001/08/24 08:27:34 | 00,131,072 | ---- | M] (ATI Technologies Inc.)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{44226DFF-747E-4edc-B30C-78752E50CD0C} [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [&ATI TV] -> [2001/08/24 08:27:34 | 00,131,072 | ---- | M] (ATI Technologies Inc.)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{44226DFF-747E-4edc-B30C-78752E50CD0C} [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [&ATI TV] -> [2001/08/24 08:27:34 | 00,131,072 | ---- | M] (ATI Technologies Inc.)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Internet Explorer\Extensions\]
CmdMapping\\{3E230861-5C87-11D3-A1C6-00105A1B41B8} [HKLM] -> [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\{44226DFF-747E-4edc-B30C-78752E50CD0C} [HKLM] -> %ProgramFiles%\ATI Multimedia\TV\EXPLBAR.DLL [&ATI TV] -> [2001/08/24 08:27:34 | 00,131,072 | ---- | M] (ATI Technologies Inc.)
CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)

========== (O12) Internet Explorer Plugins ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\]
PluginsPage: "" = http://activex.microsoft.com/controls/find...=%s&mime=%s
PluginsPageFriendlyName: "" = Microsoft ActiveX Gallery
Extension\.spop: -- C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll [2001/01/30 12:56:24 | 00,225,280 | ---- | M] (InterTrust Technologies Corporation, Inc.)

========== (O13) Default Prefixes ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

========== (O15) Trusted Sites ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
41 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
: msn in My Computer
aol.com\free: http in Local intranet
43 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
41 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
41 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
84 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
84 domain(s) and sub-domain(s) not assigned to a zone.

[HKEY_USERS\S-1-5-21-1421531899-495446925-488748980-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\]
: msn in My Computer
aol.com\free: http in Local intranet
43 domain(s) and sub-domain(s) not assigned to a zone.

========== (O16) DPF ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}: http://www.apple.com/qtactivex/qtplugin.cab -- QuickTime Object
{11260943-421B-11D0-8EAC-0000C07D88CF}: http://www.ipix.com/viewers/ipixx.cab -- iPIX ActiveX Control
{166B1BCA-3F9C-11CF-8075-444553540000}: http://download.macromedia.com/pub/shockwa...director/sw.cab -- Shockwave ActiveX Control
{17492023-C23A-453E-A040-C7C580BBF700}: http://download.microsoft.com/download/5/b...heckControl.cab -- Windows Genuine Advantage Validation Tool
{2917297F-F02B-4B9D-81DF-494B6333150B}: http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab -- Minesweeper Flags Class
{31435657-9980-0010-8000-00AA00389B71}: http://download.microsoft.com/download/e/2...78f/wvc1dmo.cab -- Reg Error: Key does not exist or could not be opened.
{33564D57-0000-0010-8000-00AA00389B71}: http://download.microsoft.com/download/F/6...922/wmv9VCM.CAB -- Reg Error: Key does not exist or could not be opened.
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}: http://office.microsoft.com/officeupdate/content/opuc.cab -- Office Update Installation Engine
{5C6698D9-7BE4-4122-8EC5-291D84DBD4A0}: http://upload.facebook.com/controls/Facebo...toUploader3.cab -- Facebook Photo Uploader 4 Control
{5F8469B4-B055-49DD-83F7-62B522420ECC}: http://upload.facebook.com/controls/Facebo...otoUploader.cab -- Facebook Photo Uploader Control
{644E432F-49D3-41A1-8DD5-E099162EEEC5}: http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab -- Symantec RuFSI Utility Class
{69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A}: http://www.acclaim.com/cabs/acclaim_v4.cab -- GameLauncher Control
{74D05D43-3236-11D4-BDCD-00C04F9A3B61}: http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab -- HouseCall Control
{88D758A3-D33B-45FD-91E3-67749B4057FA}: http://dm.screensavers.com/dm/installers/si/1/sinstaller.cab -- Reg Error: Key does not exist or could not be opened.
{8AD9C840-044E-11D1-B3E9-00805F499D93}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{8E0D4DE5-3180-4024-A327-4DFAD1796A8D}: http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab -- MessengerStatsClient Class
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}: http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab -- Reg Error: Key does not exist or could not be opened.
{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}: http://www.pandasoftware.com/activescan/as5/asinst.cab -- ActiveScan Installer Class
{BD08A9D5-0E5C-4F42-99A3-C0CB5E860557}: http://cdn1.acclaimdownloads.com/solidstateion.cab -- CSolidBrowserObj Object
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}: http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab -- Java Plug-in 1.5.0_10
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}: http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab -- Java Plug-in 1.6.0_11
{D27CDB6E-AE6D-11CF-96B8-444553540000}: http://download.macromedia.com/pub/shockwa...ash/swflash.cab -- Reg Error: Key does not exist or could not be opened.
{DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6}: http://aolsvc.aol.com/onlinegames/dinerdas...sh.1.0.0.72.cab -- CPlayFirstDinerDashControl Object
{F137B9BA-89EA-4B04-9C67-2074A9DF61FD}: http://costco.pnimedia.com/upload/activex/...upv2.0.0.10.cab? -- Photo Upload Plugin Class

========== (O17) DNS Name Servers ==========

{091BAB9F-6283-4FF1-8C08-A421D675CE8F} (Servers: | Description: Realtek RTL8139/810x Family Fast Ethernet NIC)
{3C85615E-A187-46B2-A1C9-A43DBEC8AA8E} (Servers: | Description: 1394 Net Adapter)
{5AB0E569-A5D9-41A0-9DF4-69C8EF2BBF2C} (Servers: | Description: )

========== (O20) AppInit_DLLs ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_Dlls"=C:\WINDOWS\System32\deimg40132.dll
>[2008/11/28 22:29:34 | 00,135,168 | ---- | M] () -- C:\WINDOWS\system32\deimg40132.dll

========== (O20) Winlogon Notify Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\]
__c009BF65: "DllName" = C:\WINDOWS\system32\__c009BF65.dat -- C:\WINDOWS\system32\__c009BF65.dat ()
3c24e201509: "DllName" = C:\WINDOWS\System32\deimg40132.dll -- C:\WINDOWS\system32\deimg40132.dll ()

========== Safeboot Options ==========

"AlternateShell"=cmd.exe

========== CDRom AutoRun Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"AutoRun" = 1

========== Autorun Files on Drives ==========

AUTOEXEC.BAT []
[2003/01/28 17:00:29 | 00,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT -- [ NTFS ]

========== Files/Folders - Created Within 30 Days ==========

[1 C:\*.tmp files]
[11 C:\WINDOWS\System32\*.tmp files]
[13 C:\WINDOWS\*.tmp files]
[2009/01/02 16:05:01 | 00,423,424 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTViewIt.exe
[2009/01/01 12:13:44 | 00,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2009/01/01 12:13:44 | 00,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2009/01/01 12:13:37 | 00,000,000 | -HSD | C] -- C:\WINDOWS\System32\GroupPolicyManifest
[2008/12/27 18:37:29 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2008/12/24 11:41:58 | 00,000,268 | -H-- | C] () -- C:\sqmdata09.sqm
[2008/12/24 11:41:58 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt09.sqm
[2008/12/21 23:36:36 | 00,000,268 | -H-- | C] () -- C:\sqmdata08.sqm
[2008/12/21 23:36:36 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt08.sqm
[2008/12/21 21:07:09 | 00,000,157 | ---- | C] () -- C:\xcrashdump.dat
[2008/12/19 22:36:21 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\__c00945C6.dat
[2008/12/18 20:21:23 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\__c009BF65.dat
[2008/12/16 16:10:28 | 00,000,000 | ---D | C] -- C:\rsit
[2008/12/16 16:10:28 | 00,000,000 | ---D | C] -- C:\Program Files\trend micro
[2008/12/16 16:08:37 | 00,305,705 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\RSIT.exe
[2008/12/16 14:08:55 | 00,024,576 | ---- | C] () -- C:\WINDOWS\System32\__c00B5732.dat
[2008/12/14 22:36:01 | 10,732,70784 | -HS- | C] () -- C:\hiberfil.sys
[2008/12/14 22:22:57 | 00,578,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2008/12/14 22:18:52 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2008/12/14 22:12:33 | 00,000,000 | ---D | C] -- C:\SDFix
[2008/12/14 14:14:42 | 01,529,241 | ---- | C] () -- C:\Documents and Settings\Tim\Desktop\SDFix.exe
[2008/12/14 08:35:35 | 00,000,000 | ---D | C] -- C:\Avenger
[2008/12/14 00:26:21 | 00,000,268 | -H-- | C] () -- C:\sqmdata07.sqm
[2008/12/14 00:26:21 | 00,000,244 | -H-- | C] () -- C:\sqmnoopt07.sqm
[2008/12/12 08:14:43 | 00,100,352 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Fool's War.doc
[2008/12/12 08:11:16 | 00,479,232 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\POems ANTH.doc
[2008/12/12 08:11:05 | 00,030,720 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Chosen Song.doc
[2008/12/12 07:51:45 | 00,041,472 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Epic ANTH.doc
[2008/12/12 07:47:31 | 00,152,576 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\Elegy ANTH.doc
[2008/12/11 22:43:43 | 00,033,792 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\English Anthology P2.doc
[2008/12/11 22:43:31 | 00,044,032 | ---- | C] () -- C:\Documents and Settings\Tim\My Documents\English Anthology P1.doc

========== Files - Modified Within 30 Days ==========

[1 C:\*.tmp files]
[11 C:\WINDOWS\System32\*.tmp files]
[13 C:\WINDOWS\*.tmp files]
[8 C:\Documents and Settings\Tim\My Documents\*.tmp files]
[2009/01/02 16:06:00 | 00,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{22A4E02E-ADFB-4BE8-BCBB-E04B6B683690}.job
[2009/01/02 16:05:04 | 00,423,424 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Tim\Desktop\OTViewIt.exe
[2009/01/02 16:02:22 | 00,001,169 | -HS- | M] () -- C:\Documents and Settings\Tim\Application Data\020000007c9bed84509P.manifest
[2009/01/02 15:26:03 | 00,000,250 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2009/01/02 12:27:36 | 00,001,513 | -HS- | M] () -- C:\Documents and Settings\Tim\Application Data\020000007c9bed84509O.manifest
[2009/01/02 12:27:35 | 00,012,318 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/01/02 12:27:34 | 00,000,011 | -HS- | M] () -- C:\Documents and Settings\Tim\Application Data\020000007c9bed84509S.manifest
[2009/01/02 12:27:33 | 00,001,006 | -HS- | M] () -- C:\Documents and Settings\Tim\Application Data\020000007c9bed84509C.manifest
[2009/01/02 12:27:26 | 00,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2009/01/02 12:27:20 | 00,000,434 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2009/01/02 12:26:55 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/01/02 12:26:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/01/02 12:26:39 | 10,732,70784 | -HS- | M] () -- C:\hiberfil.sys
[2009/01/01 18:35:42 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\__c009BF65.dat
[2009/01/01 12:13:44 | 00,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2009/01/01 12:13:38 | 00,001,439 | -HS- | M] () -- C:\WINDOWS\System32\GroupPolicy000.dat
[2008/12/30 13:42:08 | 00,000,157 | ---- | M] () -- C:\xcrashdump.dat
[2008/12/27 18:37:29 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2008/12/24 11:41:58 | 00,000,268 | -H-- | M] () -- C:\sqmdata09.sqm
[2008/12/24 11:41:58 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2008/12/21 23:36:36 | 00,000,268 | -H-- | M] () -- C:\sqmdata08.sqm
[2008/12/21 23:36:36 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2008/12/19 19:56:34 | 00,009,677 | ---- | M] () -- C:\WINDOWS\GnuHashes.ini
[2008/12/17 20:00:00 | 00,000,368 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2008/12/16 16:08:41 | 00,305,705 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\RSIT.exe
[2008/12/16 14:09:20 | 00,024,576 | ---- | M] () -- C:\WINDOWS\System32\__c00B5732.dat
[2008/12/14 22:26:54 | 00,000,686 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2008/12/14 22:22:57 | 00,578,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\user32.dll
[2008/12/14 16:15:08 | 00,100,352 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Fool's War.doc
[2008/12/14 16:15:08 | 00,041,472 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Epic ANTH.doc
[2008/12/14 16:14:44 | 00,030,720 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Chosen Song.doc
[2008/12/14 14:14:47 | 01,529,241 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\SDFix.exe
[2008/12/14 00:26:21 | 00,000,268 | -H-- | M] () -- C:\sqmdata07.sqm
[2008/12/14 00:26:21 | 00,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2008/12/12 22:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mshtml.dll
[2008/12/12 22:40:02 | 03,593,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2008/12/12 16:12:41 | 00,152,576 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\Elegy ANTH.doc
[2008/12/12 08:11:17 | 00,479,232 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\POems ANTH.doc
[2008/12/11 22:43:44 | 00,033,792 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\English Anthology P2.doc
[2008/12/11 22:43:32 | 00,044,032 | ---- | M] () -- C:\Documents and Settings\Tim\My Documents\English Anthology P1.doc
[2008/12/10 20:24:09 | 00,000,283 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\Coast Capital Savings Credit Union - Personal.url
@Alternate Data Stream - 1150 bytes -> C:\Documents and Settings\Tim\Desktop\Coast Capital Savings Credit Union - Personal.url:favicon
[2008/12/10 10:14:14 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2008/12/10 07:44:03 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/12/08 17:42:57 | 00,000,282 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\BC Soccer Central - Boys Standings and Schedules.url
[2008/12/08 17:42:50 | 00,000,377 | ---- | M] () -- C:\Documents and Settings\Tim\Desktop\BC Soccer Central - Girls Standings and Schedules.url
[2008/12/06 15:59:14 | 00,000,344 | ---- | M] () -- C:\WINDOWS\ViewNX.INI
[2008/12/06 15:58:39 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdw.DAT
[2008/12/06 15:55:40 | 00,000,020 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLdu.DAT
[2008/12/03 19:52:38 | 00,038,496 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2008/12/03 19:52:34 | 00,015,504 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
< End of report >

OTViewIt Extras logfile created on: 02/01/2009 4:07:32 PM - Run 2
OTViewIt by OldTimer - Version 1.0.20.1 Folder = C:\Documents and Settings\Tim\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1023.48 Mb Total Physical Memory | 463.57 Mb Available Physical Memory | 45.29% Memory free
1.66 Gb Paging File | 1.17 Gb Available in Paging File | 70.81% Paging File free
Paging file location(s): C:\pagefile.sys 766 768;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.56 Gb Total Space | 18.51 Gb Free Space | 24.83% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 74.52 Gb Total Space | 52.19 Gb Free Space | 70.04% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: YOUR-5JZ7DQJ4J5
Current User Name: Tim
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Whitelist: Off
File Age = 30 Days

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify"=0
"FirewallDisableNotify"=0
"UpdatesDisableNotify"=0
"AntiVirusOverride"=0
"FirewallOverride"=0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"EnableFirewall"=1
"DoNotAllowExceptions"=0
"DisableNotifications"=0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[2008/04/13 16:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
[2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2008/04/13 16:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation) -- %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019
[2004/02/13 13:12:08 | 00,016,423 | ---- | M] () -- C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe:*:Disabled:Kodak Software Updater
File not found -- C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
[2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger
[2007/08/07 08:22:14 | 09,710,464 | ---- | M] (Ensemble Studios) -- C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3
[2008/10/14 23:06:26 | 00,633,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer
File not found -- C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps
File not found -- C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)
File not found -- C:\Program Files\Grisoft\AVG Free\avginet.exe:*:Enabled:avginet.exe
File not found -- C:\Program Files\Grisoft\AVG Free\avgcc.exe:*:Enabled:avgcc.exe
File not found -- C:\Program Files\Grisoft\AVG Free\avgamsvr.exe:*:Enabled:avgamsvr.exe
[2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation) -- %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000
[2005/10/31 07:56:00 | 00,700,416 | ---- | M] (LimeWire) -- C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer
File not found -- C:\Documents and Settings\Timothy\My Documents\My Games\LimeWire\LimeWire.exe:*:Enabled:LimeWire
File not found -- C:\Documents and Settings\Timothy\My Documents\LimeWire\LimeWire\LimeWire.exe:*:Enabled:LimeWire
File not found -- C:\Program Files\Electronic Arts\The Battle for Middle-earth ™ II\game.dat:*:Enabled:The Battle for Middle-earth™ II
File not found -- C:\Program Files\Microsoft Games\Halo Trial\halo.exe:*:Enabled:Halo
File not found -- C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\LimeWire.exe:*:Enabled:LimeWire
File not found -- C:\Program Files\Steam\Steam.exe:*:Enabled:Steam
[2007/10/19 17:00:50 | 02,326,528 | ---- | M] () -- C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad
File not found -- C:\Program Files\Sony\Station\LaunchPad\_aunchPad.exe:*:Enabled:_aunchPad
File not found -- C:\Documents and Settings\Timothy\Local Settings\Temporary Internet Files\Content.IE5\CYM165WO\installer-22999-19-Counter-Strike-1-6-English[1].exe:*:Enabled:installer-22999-19-Counter-Strike-1-6-English[1]
File not found -- C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe:*:Enabled:Nero Home
File not found -- C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe:*:Enabled:Nero ShowTime
[2007/12/11 12:10:18 | 17,152,808 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes
File not found -- C:\Program Files\THQ\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade
File not found -- C:\Program Files\CCP\EVE\bin\ExeFile.exe:*:Disabled:CCP ExeFile
[2008/05/15 15:11:16 | 03,644,464 | ---- | M] (Veoh Networks) -- C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client
[2007/09/13 10:29:39 | 10,039,872 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties
[2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
[2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer
[2008/12/03 10:55:24 | 00,144,792 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell -- shell protocol not assigned

========== HKEY_USERS Protocol Defaults ==========


[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults] - Default Protocols
shell -- shell protocol not assigned

========== (O18) Protocol Handlers ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/12/12 12:17:12 | 00,069,632 | ---- | M] (Intuit Canada, a general partnership/une société en nom collectif.) C:\Program Files\QuickTax 2007\ic2007pp.dll (intu-qt2007:{026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} (HKLM) [qt2007 Pluggable Protocol Handler Class])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
ipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 06:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL ipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (livecall:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
msdaipp: [HKLM - No CLSID value]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 06:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAMON.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\] - Protocol Handlers
[2004/01/29 06:08:23 | 01,130,496 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} (HKLM) [HKLM - MSDAIPP.BINDER]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2007/01/19 12:53:24 | 00,063,344 | ---- | M] (Microsoft Corporation) C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (msnim:{828030A1-22C1-4009-854F-8E305202313F} (HKLM) [Reg Error: Value does not exist or could not be read.])

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\]
[2008/01/24 14:22:56 | 07,255,384 | ---- | M] (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} (HKLM) [Data Page Pluggable Protocol mso-offdap Handler])

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}"=Notifier
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}"=Zune Language Pack (FR)
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}"=MSXML4 Parser
"{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"{045FE8EA-F79B-4629-B680-D8E52EFCD189}"=TELUS eProtect
"{06F80017-8F98-4C94-B868-52358569FC32}"=Command & Conquer Generals
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}"=ATI Control Panel
"{0EFED4A3-64ED-470B-A860-BFA5B470845E}"=RPS Backup
"{10E1FC7C-AB9E-4851-AEC7-8A189A1E7281}"=LogoEase
"{10E98E14-832C-4AF7-A4D1-6A9EF83B282E}"=VCAMCEN
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}"=ESSPCD
"{154508C0-07C5-4659-A7A0-E49968750D21}"=HLPPDOCK
"{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}"=iTunes
"{212F5777-1190-4DEF-8E4D-6B2F313B45E7}"=PerfectDisk
"{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}"=Windows Live Sign-in Assistant
"{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}"=QuickTax 2007
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=Google Toolbar for Internet Explorer
"{26346FB6-4F69-453D-95CE-B6BA3A5382F8}"=Broderbund Media Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}"=Java™ 6 Update 11
"{2F173C40-563E-11D4-89C5-0010ADDAAC33}"=EA.com Matchup
"{3248F0A8-6813-11D6-A77B-00B0D0150100}"=J2SE Runtime Environment 5.0 Update 10
"{336844B0-0CB8-4C73-80E6-383FB169BC0E}"=RPS Firewall
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}"=Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}"=WebFldrs XP
"{38441BE7-79B0-42B8-8297-833704F949FE}"=HLPIndex
"{3921A67A-5AB1-4E48-9444-C71814CF3027}"=VCRedistSetup
"{3BC4489D-686F-4D34-AD7D-DAB727CC2D85}"=RPS Privacy Manager
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}"=OTtBPSDK
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}"=Google Earth
"{3EA9D975-BFDC-4E8E-B88B-0446FBC8CA66}"=HydraVision
"{4023AAE4-E434-4028-85C5-8FF4159F7AF6}"=RPS AsRealtime
"{432C3720-37BF-4BD7-8E49-F38E090246D0}"=CR2
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}"=Microsoft Windows Journal Viewer
"{469730CC-78DF-4CD3-B286-562D459EA619}"=ESSCAM
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}"=ESSvpot
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}"=ESSSONIC
"{5462A3AE-5D32-4613-876E-D0CD1756B6E5}"=RPS RpsCore
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}"=CardRd81
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}"=neroxml
"{56F3E1FF-54FE-4384-A153-6CCABA097814}"=Creative MediaSource
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}"=Windows Live Messenger
"{5DFDEAAA-E050-482E-A5B6-138CAE53F7BF}"=Radialpoint Security Services
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}"=Windows Genuine Advantage v1.3.0254.0
"{643EAE81-920C-4931-9F0B-4B343B225CA6}"=ESSBrwr
"{69BD6399-3D8F-45B7-81D9-819361F5101D}"=PCDLNCH
"{6C5930D1-E4BC-4A10-AB5A-224C48CBA7E6}"=America's Army
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}"=Microsoft .NET Framework 2.0
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}"=MSXML 4.0 SP2 Parser and SDK
"{71C97545-E547-4A8B-B0C8-61FF853270AC}"=PaperPort
"{7299052b-02a4-4627-81f2-1818da5d550d}"=Microsoft Visual C++ 2005 Redistributable
"{743F47C1-1194-4C70-8565-2E7A21379F4A}"=RPS AntiSpyware
"{760E1F3F-F2F6-47C7-B4F0-560B8ACA8999}"=RPS Performance Tool
"{76275358-C154-11D5-8D5A-00105A22D3D2}"=ATI Multimedia Center
"{78B7F1F6-9D66-4509-B216-96F4ACBBAC15}"=RPS Security Cleanup
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}"=Age of Empires III
"{7E370E0D-004C-4DC8-9986-A43F8C79404E}"=Creating Keepsakes Scrapbook Designer
"{87441A59-5E64-4096-A170-14EFE67200C3}"=Picture Control Utility
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}"=ESShelp
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}"=Microsoft Silverlight
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}"=ESSCT
"{8DD94CA3-BCD2-49C0-B537-F3B5D95FF0C8}"=HLPSFO
"{8E92D746-CD9F-4B90-9668-42B74C14F765}"=ESSini
"{90120000-0020-0409-0000-0000000FF1CE}"=Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}"=Microsoft Office XP Professional with FrontPage
"{91517631-A9F3-4B7C-B482-43E0068FD55A}"=ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}"=Microsoft Application Error Reporting
"{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}"=RTLSetup
"{999D43F4-9709-4887-9B1A-83EBB15A8370}"=VPRINTOL
"{99D34763-7E45-4FE5-8424-28DBC3A5F0BF}"=GUIDE PLUS+™ for Windows® System - ATI
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}"=Brother MFL-Pro Suite
"{9AB97F52-512B-43EF-AAEC-4825C17B32ED}"=EA.com Update
"{9D1CF8B6-17B3-4832-B062-2C2DD0B57B04}"=CCHelp
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}"=ESScore
"{A0AF08BA-3630-4505-BFB2-A41F3837B0D0}"=SFR2
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}"=ESSvpaht
"{A62AE053-EB18-4EEF-9EFD-FFE5A4244ADB}"=RPS Zip
"{A642450B-A20E-420D-83F5-DF5C418C50D1}"=RPS AntiFraud
"{A6F18A67-B771-4191-8A33-36D2E742D6D9}"=ESSANUP
"{AA47BB0B-933B-49DF-BE3A-17BFA60B7623}"=RPS ParentalControl
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}"=ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}"=OfotoXMI
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1"=Spybot - Search & Destroy
"{B43357AA-3A6D-4D94-B56E-43C44D09E548}"=Microsoft .NET Framework (English)
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}"=CCScore
"{B5C209B1-8DDB-4642-A573-375B951514CB}"=Apple Mobile Device Support
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}"=Apple Software Update
"{B9242864-2841-4ADE-86E0-8F90F91B04DD}"=Logitech Gaming Software
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}"=KSU
"{BAC15E33-870A-4D27-B247-999F6A735B45}"=RPS Ad Blocker
"{BD6CB9F6-3AF3-49F0-BBD1-9D13495655F6}"=RPS PopupBlocker
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}"=Creative MediaSource 5
"{C354C9B6-A4E0-4BB0-A368-6DC6BCA0E314}"=SFR
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}"=Age of Empires III - The Asian Dynasties
"{C66F62AD-551B-428F-9183-F5802333367F}"=RPS AntiVirus
"{C70EF769-8296-4ED0-966F-D624BC6D4927}"=Authentium AntiVirus SDK - 2
"{C869F4FF-E5FF-4FBB-9A31-33C23605E170}"=PPSDKRedistributables
"{CA60320D-6A16-49C8-A34F-84EEF4799567}"=ESSTUTOR
"{CADDE354-C78C-46CB-A006-E2B178EFC271}"=Rise Of Legends
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}"=Microsoft .NET Framework 1.1
"{D15E9DB5-6BEB-4534-901E-80C0A29BAB97}"=ESSAdpt
"{D2E3D944-B08E-4446-B0C2-A0E66CB8A7C0}"=RPS Diagnostic Utility
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}"=Nikon Message Center
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}"=Kodak EasyShare software
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}"=Windows Live Toolbar
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}"=Microsoft XML Parser
"{DC626552-2C9D-4C5E-8367-22FB0C1758B0}"=RPS App Detector
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}"=Ad-Aware
"{E2DAC54C-1560-4F00-B7CD-E9BD89ACFAFD}"=RPS Burn
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}"=Nikon Transfer
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}"=Zune Language Pack (ES)
"{EED5156C-4BA8-4105-A506-DB9D00F8B68D}"=ACDSee for PENTAX
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}"=ViewNX
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}"=Smart Menus (Windows Live Toolbar)
"{F2D0C1B1-80FF-46F9-BA61-33B01A07FAFC}"=HLPCCTR
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}"=OTtBP
"{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}"=The Print Shop
"{FCDB1C92-03C6-4C76-8625-371224256091}"=ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}"=HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"{FEDE2483-87B7-44C1-A5BB-D75AEB8B6340}"=ESSEMAIL
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}"=Zune
"3D Matrix Communication_is1"=3D Matrix Communication © 2004
"Absolute Fretboard Trainer PRO"=Absolute Fretboard Trainer PRO
"Acoustica MP3 Audio Mixer"=Acoustica MP3 Audio Mixer
"Adobe Acrobat 5.0"=Adobe Acrobat 4.0, 5.0
"Adobe Shockwave Player"=Adobe Shockwave Player 11
"American Greetings® Art & More Store"=American Greetings® Art & More Store
"ATI Display Driver"=ATI Display Driver
"AudibleManager"=AudibleManager
"C-Media Audio Driver"=C-Media WDM Audio Driver
"Creative Audio Pack"=Creative Audio Pack
"Creative Removable Disk Manager"=Creative Removable Disk Manager
"Enable S3 for USB Device"=Enable S3 for USB Device
"EPSON Printer and Utilities"=EPSON Printer Software
"IDNMitigationAPIs"=Microsoft Internationalized Domain Names Mitigation APIs
"ie7"=Windows Internet Explorer 7
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}"=VeohTV BETA
"InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}"=Command & Conquer Generals
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}"=Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}"=Age of Empires III - The Asian Dynasties
"InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}"=Rise Of Legends
"InterActual Player"=InterActual Player
"Irj2w32.exe"=Interactive Reading Journey for Grades 1-2
"Magic Mirror_is1"=Magic Mirror 3.0
"Malwarebytes' Anti-Malware_is1"=Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)"=Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0"=Microsoft .NET Framework 2.0
"Microsoft .NET Framework Full v1.0.3705 (1033)"=Microsoft .NET Framework (English) v1.0.3705
"MSCompPackV1"=Microsoft Compression Client Pack 1.0 for Windows XP
"MuVo Driver"=MuVo Driver
"NLSDownlevelMapping"=Microsoft National Language Support Downlevel APIs
"OurGardenV3.0 enu"=Garden Composer
"Personalized Learning Center"=Personalized Learning Center
"PrintMaster 7.00"=PrintMaster 7.00
"Qloud Plug-in for iTunes"=Qloud Plug-in for iTunes
"RadialpointClientGateway_is1"=TELUS eProtect Advisor 1.5.12
"RealPlayer 6.0"=RealOne Player
"RegCure"=RegCure 1.5.0.0
"Rrirjw32.exe"=Reader Rabbit's Interactive Reading Journey for Grades K-1
"Serif DrawPlus 3.0"=Serif DrawPlus 3.0
"Shockwave"=Shockwave
"SolidStateIONIE"=Solid State ION Internet Explorer Plugin
"SpeechAPI"=Microsoft Speech API 3.0
"ST6UNST #1"=The SmithMan Calculator
"Stardock Central"=Stardock Central
"Stock Study Guide"=Stock Study Guide
"SysInfo"=Creative System Information
"TELUS.MCCInstall"=TELUS eCare
"The 2000 Canadian Encyclopedia-National Edition"=The 2000 Canadian Encyclopedia-National Edition
"Wdf01007"=Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WebPost"=Microsoft Web Publishing Wizard 1.52
"WidgetWorkshop95v1"=Widget Workshop
"Window Washer"=Window Washer
"Windows Live Toolbar"=Windows Live Toolbar
"Windows Media Format Runtime"=Windows Media Format 11 runtime
"Windows Media Player"=Windows Media Player 11
"Windows XP Service Pack"=Windows XP Service Pack 3
"WinFax"=Symantec WinFax Basic Edition
"WinRAR archiver"=WinRAR archiver
"winusb0100"=Microsoft WinUsb 1.0
"WMFDist11"=Windows Media Format 11 runtime
"wmp11"=Windows Media Player 11
"Wudf01007"=Microsoft User-Mode Driver Framework Feature Pack 1.7
"Wyvern Client"=Wyvern Client
"Xfire"=Xfire (remove only)
"Zoo Tycoon 1.0"=Microsoft Zoo Tycoon
"Zune"=Zune

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30/12/2008 6:12:07 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application rundll32.exe, version 5.1.2600.5512, faulting
module unknown, version 0.0.0.0, fault address 0x032bf8d0.

Error - 30/12/2008 6:12:21 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.

Error - 01/01/2009 4:16:52 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application start.exe, version 0.0.0.0, faulting module xpsp2res.dll,
version 5.1.2600.5512, fault address 0x0016f8df.

Error - 01/01/2009 4:17:27 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application start.exe, version 0.0.0.0, faulting module xpsp2res.dll,
version 5.1.2600.5512, fault address 0x000ef8d0.

Error - 01/01/2009 4:19:40 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application start.exe, version 0.0.0.0, faulting module xpsp2res.dll,
version 5.1.2600.5512, fault address 0x000ef8d0.

Error - 01/01/2009 10:30:24 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
module deimg40132.dll, version 0.0.0.0, fault address 0x0000e0bf.

Error - 01/01/2009 10:30:59 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application soundman.exe, version 5.0.0.7, faulting module
unknown, version 0.0.0.0, fault address 0x017cf8d0.

Error - 01/01/2009 10:31:04 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application matcli.exe, version 5.8.1.51836, faulting module
unknown, version 0.0.0.0, fault address 0x017cf8d0.

Error - 01/01/2009 10:31:37 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application pptd40nt.exe, version 9.2.0.823, faulting module
unknown, version 0.0.0.0, fault address 0x017cf8d0.

Error - 02/01/2009 8:06:00 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Application Error | ID = 1000
Description = Faulting application otviewit.exe, version 1.0.20.1, faulting module
unknown, version 0.0.0.0, fault address 0x00def8d0.

[ System Events ]
Error - 31/12/2008 9:24:11 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service RPSUpdaterR
with arguments "" in order to run the server: {1A395623-5F9D-4C9B-B92E-D56397B31796}

Error - 31/12/2008 9:24:11 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TELUS eProtect Update
Service service to connect.

Error - 31/12/2008 9:24:11 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7000
Description = The TELUS eProtect Update Service service failed to start due to the
following error: %%1053

Error - 31/12/2008 9:24:41 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = DCOM | ID = 10005
Description = DCOM got error "%1053" attempting to start the service iPod Service
with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error - 31/12/2008 9:24:42 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the iPod Service service
to connect.

Error - 31/12/2008 9:24:42 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7000
Description = The iPod Service service failed to start due to the following error:
%%1053

Error - 01/01/2009 4:12:27 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 01/01/2009 4:16:30 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = DCOM | ID = 10010
Description = The server {222F1C6D-F430-4B76-B3F1-1FE92E214AD3} did not register
with DCOM within the required timeout.

Error - 02/01/2009 4:27:09 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Beep

Error - 02/01/2009 6:28:44 PM | Computer Name = YOUR-5JZ7DQJ4J5 | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
with DCOM within the required timeout.


< End of report >


C:\WINDOWS\System32\deimg40132.dll/C:\WINDOWS\System32\deimg40132.dll Infected: Trojan-Downloader.Win32.Agent.arsg 48

C:\Documents and Settings\Timothy\My Documents\New Folder\Incomplete\Preview-T-3545425-frosty snowman red foley.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1

C:\Documents and Settings\Timothy\My Documents\New Folder\Incomplete\Preview-T-3545425-polar express soundtrack.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1

C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\christmas bells ringing.wma Infected: Trojan-Downloader.WMA.Wimad.n 1

C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\Hilary Duff - Last Christmas.mp3 Infected: Trojan-Downloader.WMA.GetCodec.a 1

C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\polar express glenn ballard - greatest hits.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1

C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\polar express soundtrack.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1

C:\Documents and Settings\Timothy\My Documents\New Folder\LimeWire\silver bells kate smith - greatest hits.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1

C:\WINDOWS\system32\deimg40132.dll Infected: Trojan-Downloader.Win32.Agent.arsg 1

C:\WINDOWS\system32\GroupPolicyManifest\1.music.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1

C:\WINDOWS\system32\GroupPolicyManifest\10.setup.zip Infected: P2P-Worm.Win32.Nugg.w 1

C:\WINDOWS\system32\GroupPolicyManifest\11.unpack.zip Infected: P2P-Worm.Win32.Nugg.w 1

C:\WINDOWS\system32\GroupPolicyManifest\12.limepro.zip Infected: P2P-Worm.Win32.Nugg.w 1

C:\WINDOWS\system32\GroupPolicyManifest\13.keygen.zip Infected: P2P-Worm.Win32.Nugg.w 1

C:\WINDOWS\system32\GroupPolicyManifest\2.crack.zip Infected: P2P-Worm.Win32.Nugg.w 1

C:\WINDOWS\system32\GroupPolicyManifest\8.mpgvideo.mpg Infected: Trojan-Downloader.WMA.GetCodec.s 1

C:\WINDOWS\system32\GroupPolicyManifest\9.remix.mp3 Infected: Trojan-Downloader.WMA.GetCodec.r 1

G:\My Downloads\Beach Boys - Barbara Ann.wma Infected: Trojan-Downloader.WMA.GetCodec.a 1

G:\My Downloads\i just wanna get to know you.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1

G:\My Downloads\i shall call him squishy nemo.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1

G:\My Downloads\love is free sheral crow.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1

G:\My Downloads\Venga Boys - Kiss (When The Sun Don'...).wma Infected: Trojan-Downloader.WMA.GetCodec.a 1

G:\My Downloads\winnie pooh soundtrack.mp3 Infected: Trojan-Downloader.WMA.GetCodec.c 1

The selected area was scanned.



I still need to do GMER but I hope this can get s started.

Will post asap

tenno

#9 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 06 January 2009 - 04:05 PM

Hello.

Post back the GMER log once you are done with it. I like doing things all at once instead of going back to something that we didn't take care of. It saves more time and energy for both of us :thumbsup:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#10 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 06 January 2009 - 04:47 PM

I'm having trouble saving the log for gmer. I will try to copy it stright from the scan report. It says that it has benn copied to the clipboard, now I neeed to find that and get it too you.


GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-01-06 13:17:37
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

Code 86D14978 ZwCreateSection
Code 871973B0 ZwDuplicateObject
Code 8706F410 ZwSetInformationFile
Code 86D344E0 ZwSetSystemInformation
Code 86F8D018 ZwWriteFile
Code 86D14977 NtCreateSection
Code 871973AF NtDuplicateObject
Code 8706F40F NtSetInformationFile
Code 86F8D017 NtWriteFile

---- Kernel code sections - GMER 1.0.14 ----

PAGE ntoskrnl.exe!NtCreateSection 805652B3 7 Bytes JMP 86D1497C
PAGE ntoskrnl.exe!ZwQueryPerformanceCounter + 590 805678D8 7 Bytes JMP 86F9E01C
PAGE ntoskrnl.exe!FsRtlCurrentBatchOplock + 28D 8056CC66 7 Bytes JMP 86D2301C
PAGE ntoskrnl.exe!NtDuplicateObject 805715E0 7 Bytes JMP 871973B4
PAGE ntoskrnl.exe!NtSetInformationFile 8057494A 5 Bytes JMP 8706F414
PAGE ntoskrnl.exe!NtWriteFile 80574BF5 7 Bytes JMP 86F8D01C
PAGE ntoskrnl.exe!ZwSetSystemInformation 805A7BED 5 Bytes JMP 86D344E4
PAGE Fastfat.SYS B2B489C8 7 Bytes JMP 871994C4

---- User code sections - GMER 1.0.14 ----

.text C:\WINDOWS\Explorer.EXE[2012] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 1000D0EF C:\WINDOWS\System32\deimg40132.dll
.text C:\WINDOWS\Explorer.EXE[2012] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 1000D097 C:\WINDOWS\System32\deimg40132.dll
.text C:\WINDOWS\Explorer.EXE[2012] ADVAPI32.dll!CreateProcessAsUserW 77DEA889 5 Bytes JMP 1000D1D6 C:\WINDOWS\System32\deimg40132.dll
.text C:\WINDOWS\Explorer.EXE[2012] ADVAPI32.dll!CreateProcessAsUserA 77E10C80 5 Bytes JMP 1000D161 C:\WINDOWS\System32\deimg40132.dll
.text C:\WINDOWS\Explorer.EXE[2012] ADVAPI32.dll!CreateProcessWithLogonW 77E15FD5 5 Bytes JMP 1000D24B C:\WINDOWS\System32\deimg40132.dll
.text C:\Program Files\Webroot\Washer\WasherSvc.exe[2852] kernel32.dll!CreateThread + 1A 7C8106E1 4 Bytes [ B3, E6, 87, 83 ]

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [0137FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [0137FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0137F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [0137FBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0137F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [0137FF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0137F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [0137FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [01380160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0137FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0137F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0137F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0137F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\services.exe[848] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0137F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00EAFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00EAFF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00EAFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [00EAFBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [00EAFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [00EB0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00EAF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00EAF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [00EAF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [00EAFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1048] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [00EAF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0102F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [0102FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0102F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0102F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [0102FF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [0102FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0102F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [0102FBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [0102FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [01030160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [0102F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [0102FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [0102F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0102F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1112] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0102F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [01DD0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [01DCF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [01DD0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [01DCFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [01DD0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [01DCF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [01DCF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [01DCFF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [01DD0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [01DCFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [01DCF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [01DD0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [01DCFBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [01DCFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [01DCF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [01DCF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [01DCF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1212] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [01DCF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00B50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00B4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00B50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00B4FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00B50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00B4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00B4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00B4FF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00B50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00B4FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00B4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00B50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [00B4FBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [00B4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00B4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00B4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00B4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\system32\svchost.exe[1248] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00B4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [009F0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [009EF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [009F0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [009EFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [009F0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [009EF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [009EF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [009EFF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [009F0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [009EFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [009EF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [009F0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [009EFBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [009EFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [009EF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [009EF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1476] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [009EF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00D50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00D4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00D50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00D4FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00D50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00D4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00D4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00D4FF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00D50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00D4FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00D4F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00D50160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [00D4FBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [00D4F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryW] [00D4FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!LoadLibraryA] [00D4F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[1644] @ C:\WINDOWS\system32\netapi32.dll [KERNEL32.dll!GetProcAddress] [00D4F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [0179FF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [0179FBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [0179FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [0179F6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [0179FDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [0179FA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [0179F4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [017A0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [0179F330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\Explorer.EXE[2012] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [0179F8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00FE0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00FDF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00FE0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FDFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00FE0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00FDF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00FDF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00FDFF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00FE0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00FDFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00FDF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00FE0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [00FDFBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [00FDFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00FDF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00FDF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00FDF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2156] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00FDF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [009B0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [009AF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [009B0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [009AFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [009B0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [009AF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [009AF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [009AFF90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [009B0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [009AFDB0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [009AF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [009B0160] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\WININET.dll [ADVAPI32.dll!CreateProcessAsUserA] [009AFBD0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [009AFA50] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [009AF330] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [009AF8D0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [009AF4B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)
IAT C:\WINDOWS\System32\svchost.exe[2764] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [009AF6C0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.)

---- Devices - GMER 1.0.14 ----

Device \FileSystem\Fastfat \FatCdrom Code 871994C0

AttachedDevice \Driver\Tcpip \Device\Ip rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\Udp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)
AttachedDevice \Driver\Tcpip \Device\RawIp rp_skt32.sys (Radialpoint Filter/Radialpoint Inc.)

Device \FileSystem\Fastfat \Fat Code 871994C0

---- Registry - GMER 1.0.14 ----

Reg HKLM\SOFTWARE\Classes\CLSID\{636025FC-331E-3981-F590-A8933FB4DFAB}\InProcServer32@ %SystemRoot%\system32\SHELL32.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{636025FC-331E-3981-F590-A8933FB4DFAB}\InProcServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{636025FC-331E-3981-F590-A8933FB4DFAB}\shellex@
Reg HKLM\SOFTWARE\Classes\CLSID\{636025FC-331E-3981-F590-A8933FB4DFAB}\shellex\MayChangeDefaultMenu
Reg HKLM\SOFTWARE\Classes\CLSID\{636025FC-331E-3981-F590-A8933FB4DFAB}\shellex\MayChangeDefaultMenu@

---- EOF - GMER 1.0.14 ----

I think I did it!

tenno

#11 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 07 January 2009 - 04:08 PM

Hello.

Great!

What problems do you still have? Could you describe to me in your next post please. Also you had a backdoor trojan according to this link. Your computer may be already compromised so it would be best to format/reinstall according to most experts once you are infected by this kind of Trojan.

Registry Cleaner(s) Warning
The following is referring to RegCure

Please be aware that Bleeping Computer staff do not recommend the usage of registry cleaners/tools due to the following facts:
  • Registry tools can cause irreparable damage to your Operating System. This could include making your computer inoperatable.
  • These programs generally only delete "orphaned" or "dead" entries. This merely removes entries that point to files that no longer exist on your computer. Registry entries do not take up a significant amount of hardrive space. The program itself (and its own registry entries) likely occupy relatively more space.
  • The amount of improvement in performance you gain is minimal.
This is done, assuming that the major audience here at this board may be inexperienced users and thus a suggested safeguard from our side.
If you feel that your have sufficient knowledge to use such tools safely, then you are welcome to keep them.

There is some .mp3 music files that are infected so we will remove it, if you don't tell me first.

Install Recovery Console and Run ComboFix

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
Link 3
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

Download and run MalwareBytes Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
  • Make sure you are connected to the Internet.
  • Double-click on Download_mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

For complete or visual instructions on installing and running Malwarebytes Anti-Malware please read this link

Pleaase post back with:
-Combofix log
-MBAM log
-New OTViewiT logs
-What Problems do you have


With Regards,
Extremeboy

Edited by extremeboy, 07 January 2009 - 04:14 PM.

Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#12 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 10 January 2009 - 02:02 PM

Hi.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 days the topic will need to be closed.

Thanks for understanding. :thumbsup:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#13 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 11 January 2009 - 01:38 PM

still here

having problems running combo fix.

during the "preparing log report" is reads "cannot open temp01" and then sits idle, what should I do next?

tenno

#14 tenno

tenno
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:02 AM

Posted 11 January 2009 - 02:33 PM

ok things are starting to work, be back with the results soon.

tenno

#15 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:02 AM

Posted 11 January 2009 - 02:39 PM

Okay.

Thanks for the update :thumbsup:

Post back the logs, once it's complete. I will need to leave again so I will get back to you ASAP.

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users