GMER 1.0.15.15641 - http://www.gmer.net Rootkit scan 2012-02-02 13:33:56 Windows 5.1.2600 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST380815AS rev.4.ADA Running: st1uzkl3.exe; Driver: C:\DOCUME~1\Rick\LOCALS~1\Temp\pgdyapob.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwAddBootEntry [0xAA00A374] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwAllocateVirtualMemory [0xAA0992B8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwClose [0xAA02E829] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEvent [0xAA00C996] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateEventPair [0xAA00C9EE] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateIoCompletion [0xAA00CB04] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateKey [0xAA02E1DD] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateMutant [0xAA00C8EC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSection [0xAA00CA3E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateSemaphore [0xAA00C940] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwCreateTimer [0xAA00CAB2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteBootEntry [0xAA00A398] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteKey [0xAA02EEEF] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDeleteValueKey [0xAA02F1A5] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwDuplicateObject [0xAA00CD88] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xAA02ED5A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xAA02EBC5] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwFreeVirtualMemory [0xAA099368] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwLoadDriver [0xAA00A162] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwModifyBootEntry [0xAA00A3BC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeKey [0xAA00CEFC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwNotifyChangeMultipleKeys [0xAA00AE54] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEvent [0xAA00C9C6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenEventPair [0xAA00CA16] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenIoCompletion [0xAA00CB2E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenKey [0xAA02E539] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenMutant [0xAA00C918] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenProcess [0xAA00CBC0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSection [0xAA00CA7E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenSemaphore [0xAA00C96E] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenThread [0xAA00CCA4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwOpenTimer [0xAA00CADC] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwProtectVirtualMemory [0xAA099400] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryKey [0xAA02EA40] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryObject [0xAA00AD1A] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwQueryValueKey [0xAA02E892] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwRenameKey [0xAA0A16E2] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwRestoreKey [0xAA02D850] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootEntryOrder [0xAA00A3E0] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetBootOptions [0xAA00A404] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemInformation [0xAA00A1BC] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetSystemPowerState [0xAA00A2F8] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSetValueKey [0xAA02EFF6] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwShutdownSystem [0xAA00A2D4] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwSystemDebugControl [0xAA00A31C] SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwVdmControl [0xAA00A428] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xAA0AE9A6] Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!ZwCallbackReturn + 2C2C 80504498 4 Bytes CALL B5B6EE9F .text ntkrnlpa.exe!ZwCallbackReturn + 2E48 805046B4 4 Bytes [40, EA, 02, AA] .text ntkrnlpa.exe!ZwCallbackReturn + 2E8C 805046F8 4 Bytes CALL FAC2F0FF PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 5EC 805A533E 4 Bytes CALL AA00B4AF \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BB35A 5 Bytes JMP AA0AA3DE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ObInsertObject 805C1C90 5 Bytes JMP AA0ABE84 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) PAGE ntkrnlpa.exe!ZwCreateProcessEx 805CFE96 7 Bytes JMP AA0AE9AA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) .text win32k.sys!EngFreeUserMem + 674 BF809B45 5 Bytes JMP AA00DE48 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngDeleteSurface + 45 BF80FBC0 5 Bytes JMP AA00DD54 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngPaint + 4EF BF8255ED 5 Bytes JMP AA00D0DA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + 1E5F BF8341A1 5 Bytes JMP AA00DFB2 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + 237D BF8346BF 5 Bytes JMP AA00DCC4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + 4564 BF8368A6 5 Bytes JMP AA00E1BA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngUnmapFontFileFD + EE3F BF841181 5 Bytes JMP AA00D14A \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!FONTOBJ_pxoGetXform + DE42 BF85AD4E 5 Bytes JMP AA00D016 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 3474 BF87111B 5 Bytes JMP AA00D326 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!XLATEOBJ_iXlate + 34FF BF8711A6 5 Bytes JMP AA00D4CC \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngStretchBlt + 35C1 BF87593B 5 Bytes JMP AA00DD7E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGetCurrentCodePage + 411E BF894CB8 5 Bytes JMP AA00D4A4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngGradientFill + 3AA1 BF8B6854 5 Bytes JMP AA00DEFA \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngStretchBltROP + 34B7 BF8BA260 5 Bytes JMP AA00CFFE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngStretchBltROP + 8A22 BF8BF7CB 5 Bytes JMP AA00E118 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngAlphaBlend + 3E8 BF8C333C 5 Bytes JMP AA00D1E4 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFillPath + 1517 BF8EB97D 5 Bytes JMP AA00D254 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngFillPath + 1797 BF8EBBFD 5 Bytes JMP AA00D28E \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!PATHOBJ_bCloseFigure + 19EF BF8F9A43 5 Bytes JMP AA00CF32 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 19C1 BF913245 5 Bytes JMP AA00D096 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 2595 BF913E19 5 Bytes JMP AA00D1AE \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngCreateClip + 4EF4 BF916778 5 Bytes JMP AA00D5E6 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) .text win32k.sys!EngPlgBlt + 18EC BF94468A 5 Bytes JMP AA00E070 \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Java\jre6\bin\jqs.exe[124] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Java\jre6\bin\jqs.exe[124] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Java\jre6\bin\jqs.exe[124] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Java\jre6\bin\jqs.exe[124] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\System32\svchost.exe[148] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\System32\svchost.exe[148] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[148] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\System32\svchost.exe[148] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\System32\svchost.exe[148] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\System32\svchost.exe[148] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\System32\svchost.exe[148] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\System32\svchost.exe[148] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\System32\svchost.exe[148] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\System32\svchost.exe[148] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\System32\svchost.exe[176] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\System32\svchost.exe[176] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[176] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\System32\svchost.exe[176] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\System32\svchost.exe[176] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\System32\svchost.exe[176] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\System32\svchost.exe[176] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\System32\svchost.exe[176] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\System32\svchost.exe[176] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\System32\svchost.exe[176] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[208] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\RTHDCPL.EXE[212] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\WINDOWS\RTHDCPL.EXE[212] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\RTHDCPL.EXE[212] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\WINDOWS\RTHDCPL.EXE[212] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\RTHDCPL.EXE[212] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\WINDOWS\RTHDCPL.EXE[212] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\WINDOWS\RTHDCPL.EXE[212] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\WINDOWS\RTHDCPL.EXE[212] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\WINDOWS\RTHDCPL.EXE[212] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\WINDOWS\RTHDCPL.EXE[212] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\WINDOWS\System32\snmp.exe[216] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000801F8 .text C:\WINDOWS\System32\snmp.exe[216] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\System32\snmp.exe[216] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000803FC .text C:\WINDOWS\System32\snmp.exe[216] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002B1014 .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002B0804 .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002B0A08 .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002B0C0C .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002B0E10 .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002B01F8 .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002B03FC .text C:\WINDOWS\System32\snmp.exe[216] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\svchost.exe[232] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[232] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[232] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[232] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[232] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[232] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[232] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[232] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[232] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[232] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\hkcmd.exe[340] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\hkcmd.exe[340] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[340] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\hkcmd.exe[340] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[340] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\hkcmd.exe[340] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\hkcmd.exe[340] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\hkcmd.exe[340] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\hkcmd.exe[340] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 003A1014 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 003A0804 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 003A0A08 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 003A0C0C .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 003A0E10 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003A01F8 .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003A03FC .text C:\WINDOWS\system32\hkcmd.exe[340] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 003A0600 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe[420] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\WINDOWS\System32\smss.exe[664] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\csrss.exe[712] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\csrss.exe[712] KERNEL32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[736] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000701F8 .text C:\WINDOWS\system32\winlogon.exe[736] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[736] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000703FC .text C:\WINDOWS\system32\winlogon.exe[736] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\winlogon.exe[736] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\winlogon.exe[736] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\winlogon.exe[736] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\winlogon.exe[736] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\winlogon.exe[736] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\winlogon.exe[736] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\services.exe[780] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\services.exe[780] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\services.exe[780] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\services.exe[780] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\services.exe[780] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\services.exe[780] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\services.exe[780] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\services.exe[780] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\services.exe[780] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\services.exe[780] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\lsass.exe[792] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\lsass.exe[792] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\lsass.exe[792] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\lsass.exe[792] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\lsass.exe[792] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\lsass.exe[792] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\lsass.exe[792] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\lsass.exe[792] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\lsass.exe[792] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\lsass.exe[792] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe[844] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\svchost.exe[1012] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1012] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1012] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1012] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1012] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1012] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1012] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1012] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1012] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1012] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\svchost.exe[1100] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1100] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1100] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1100] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1100] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1100] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1100] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1100] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1100] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1100] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\igfxtray.exe[1148] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\igfxtray.exe[1148] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\igfxtray.exe[1148] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\igfxtray.exe[1148] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\igfxtray.exe[1148] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\igfxtray.exe[1148] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\igfxtray.exe[1148] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\igfxtray.exe[1148] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\igfxtray.exe[1148] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 003A1014 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 003A0804 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 003A0A08 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 003A0C0C .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 003A0E10 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003A01F8 .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003A03FC .text C:\WINDOWS\system32\igfxtray.exe[1148] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 003A0600 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[1188] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\svchost.exe[1224] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1224] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1224] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1224] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1224] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1224] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1224] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1224] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1224] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1224] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\svchost.exe[1284] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1284] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1284] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1284] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1284] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1284] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1284] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1284] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1284] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1284] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\svchost.exe[1296] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1296] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1296] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1296] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1296] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1296] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1296] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1296] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1296] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1296] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe[1348] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\wscntfy.exe[1352] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\wscntfy.exe[1352] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\wscntfy.exe[1352] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\wscntfy.exe[1352] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\wscntfy.exe[1352] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002C01F8 .text C:\WINDOWS\system32\wscntfy.exe[1352] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002C03FC .text C:\WINDOWS\system32\wscntfy.exe[1352] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002C0804 .text C:\WINDOWS\system32\wscntfy.exe[1352] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002C0A08 .text C:\WINDOWS\system32\wscntfy.exe[1352] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002C0600 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002D1014 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002D0804 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002D0A08 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002D0C0C .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002D0E10 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002D01F8 .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002D03FC .text C:\WINDOWS\system32\wscntfy.exe[1352] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002D0600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[1356] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\svchost.exe[1376] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1376] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1376] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1376] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1376] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1376] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1376] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1376] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1376] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1376] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1488] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1488] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 4 Bytes [C2, 04, 00, 90] {RET 0x4; NOP } .text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1488] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[1516] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\hkcmd.exe[1652] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\hkcmd.exe[1652] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[1652] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\hkcmd.exe[1652] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\hkcmd.exe[1652] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\hkcmd.exe[1652] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\hkcmd.exe[1652] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\hkcmd.exe[1652] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\hkcmd.exe[1652] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 003A1014 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 003A0804 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 003A0A08 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 003A0C0C .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 003A0E10 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003A01F8 .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003A03FC .text C:\WINDOWS\system32\hkcmd.exe[1652] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 003A0600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00371014 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00370804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00370A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00370C0C .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00370E10 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003701F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003703FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00370600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[1656] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\spoolsv.exe[1816] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\spoolsv.exe[1816] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\spoolsv.exe[1816] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\spoolsv.exe[1816] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\spoolsv.exe[1816] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\spoolsv.exe[1816] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\spoolsv.exe[1816] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\spoolsv.exe[1816] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\spoolsv.exe[1816] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\spoolsv.exe[1816] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003E01F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003E03FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 003E0804 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 003E0A08 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 003E0600 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 003F1014 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 003F0804 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 003F0A08 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 003F0C0C .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 003F0E10 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003F01F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003F03FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[1880] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 003F0600 .text C:\WINDOWS\system32\svchost.exe[1928] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\svchost.exe[1928] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1928] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\svchost.exe[1928] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\svchost.exe[1928] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\svchost.exe[1928] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[1928] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[1928] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[1928] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[1928] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\AVAST Software\Avast\avastUI.exe[1980] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\avastUI.exe[1980] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00371014 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00370804 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00370A08 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00370C0C .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00370E10 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003701F8 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003703FC .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00370600 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe[2020] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\System32\alg.exe[2060] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\System32\alg.exe[2060] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\System32\alg.exe[2060] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\System32\alg.exe[2060] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\System32\alg.exe[2060] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002A01F8 .text C:\WINDOWS\System32\alg.exe[2060] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002A03FC .text C:\WINDOWS\System32\alg.exe[2060] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002A0804 .text C:\WINDOWS\System32\alg.exe[2060] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002A0A08 .text C:\WINDOWS\System32\alg.exe[2060] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002A0600 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002B1014 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002B0804 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002B0A08 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002B0C0C .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002B0E10 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002B01F8 .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002B03FC .text C:\WINDOWS\System32\alg.exe[2060] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002B0600 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] kernel32.dll!SetUnhandledExceptionFilter 7C8447ED 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4} .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\Real\RealPlayer\update\realsched.exe[2068] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe[2120] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\svchost.exe[2148] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000A01F8 .text C:\WINDOWS\system32\svchost.exe[2148] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[2148] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000A03FC .text C:\WINDOWS\system32\svchost.exe[2148] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002B1014 .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002B0C0C .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002B0E10 .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\svchost.exe[2148] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\svchost.exe[2148] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002C01F8 .text C:\WINDOWS\system32\svchost.exe[2148] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002C03FC .text C:\WINDOWS\system32\svchost.exe[2148] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002C0804 .text C:\WINDOWS\system32\svchost.exe[2148] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002C0A08 .text C:\WINDOWS\system32\svchost.exe[2148] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002C0600 .text C:\WINDOWS\system32\wscntfy.exe[2200] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\system32\wscntfy.exe[2200] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\wscntfy.exe[2200] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\system32\wscntfy.exe[2200] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\wscntfy.exe[2200] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002C01F8 .text C:\WINDOWS\system32\wscntfy.exe[2200] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002C03FC .text C:\WINDOWS\system32\wscntfy.exe[2200] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002C0804 .text C:\WINDOWS\system32\wscntfy.exe[2200] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002C0A08 .text C:\WINDOWS\system32\wscntfy.exe[2200] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002C0600 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002D1014 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002D0804 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002D0A08 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002D0C0C .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002D0E10 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002D01F8 .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002D03FC .text C:\WINDOWS\system32\wscntfy.exe[2200] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002D0600 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003E01F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003E03FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 003E0804 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 003E0A08 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 003E0600 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 003F1014 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 003F0804 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 003F0A08 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 003F0C0C .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 003F0E10 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003F01F8 .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003F03FC .text C:\Program Files\Leapfrog\FlyWorld\bin\FlyMonitor.exe[2272] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 003F0600 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\SupportSoft\bin\bcont.exe[2296] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\wuauclt.exe[2316] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000A01F8 .text C:\WINDOWS\system32\wuauclt.exe[2316] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\wuauclt.exe[2316] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000A03FC .text C:\WINDOWS\system32\wuauclt.exe[2316] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\wuauclt.exe[2316] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\wuauclt.exe[2316] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\wuauclt.exe[2316] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\wuauclt.exe[2316] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\wuauclt.exe[2316] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002C1014 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002C0804 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002C0A08 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002C0C0C .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 3 Bytes JMP 002C0E10 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!ChangeServiceConfig2W + 4 77E372D5 1 Byte [88] .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002C01F8 .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002C03FC .text C:\WINDOWS\system32\wuauclt.exe[2316] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002C0600 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\Java\Java Update\jucheck.exe[2408] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[2468] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\HP Software Update\HPWuSchd2.exe[2504] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[2556] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[2580] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00371014 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00370804 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00370A08 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00370C0C .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00370E10 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003701F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003703FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00370600 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[2756] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00371014 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00370804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00370A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00370C0C .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00370E10 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003701F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003703FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00370600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmon.exe[2836] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\igfxsrvc.exe[2936] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[2936] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\igfxsrvc.exe[2936] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\igfxsrvc.exe[2936] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\RTHDCPL.EXE[2948] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\WINDOWS\RTHDCPL.EXE[2948] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\WINDOWS\RTHDCPL.EXE[2948] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\WINDOWS\RTHDCPL.EXE[2948] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\Common Files\Java\Java Update\jusched.exe[3004] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00371014 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00370804 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00370A08 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00370C0C .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00370E10 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003701F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003703FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00370600 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe[3140] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\Winamp\winampa.exe[3168] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000801F8 .text C:\Program Files\Winamp\winampa.exe[3168] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Winamp\winampa.exe[3168] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000803FC .text C:\Program Files\Winamp\winampa.exe[3168] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002C1014 .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002C0804 .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002C0A08 .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002C0C0C .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 3 Bytes JMP 002C0E10 .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!ChangeServiceConfig2W + 4 77E372D5 1 Byte [88] .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002C01F8 .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002C03FC .text C:\Program Files\Winamp\winampa.exe[3168] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002C0600 .text C:\Program Files\Winamp\winampa.exe[3168] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002D01F8 .text C:\Program Files\Winamp\winampa.exe[3168] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002D03FC .text C:\Program Files\Winamp\winampa.exe[3168] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002D0804 .text C:\Program Files\Winamp\winampa.exe[3168] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002D0A08 .text C:\Program Files\Winamp\winampa.exe[3168] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002D0600 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Gratitude Journal\Sticky.exe[3268] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\AVAST Software\Avast\avastUI.exe[3292] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\AVAST Software\Avast\avastUI.exe[3292] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Winamp\winampa.exe[3344] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000801F8 .text C:\Program Files\Winamp\winampa.exe[3344] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Winamp\winampa.exe[3344] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000803FC .text C:\Program Files\Winamp\winampa.exe[3344] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002C1014 .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002C0804 .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002C0A08 .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002C0C0C .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 3 Bytes JMP 002C0E10 .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!ChangeServiceConfig2W + 4 77E372D5 1 Byte [88] .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002C01F8 .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002C03FC .text C:\Program Files\Winamp\winampa.exe[3344] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002C0600 .text C:\Program Files\Winamp\winampa.exe[3344] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002D01F8 .text C:\Program Files\Winamp\winampa.exe[3344] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002D03FC .text C:\Program Files\Winamp\winampa.exe[3344] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002D0804 .text C:\Program Files\Winamp\winampa.exe[3344] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002D0A08 .text C:\Program Files\Winamp\winampa.exe[3344] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002D0600 .text C:\WINDOWS\system32\igfxpers.exe[3452] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\igfxpers.exe[3452] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\igfxpers.exe[3452] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\igfxpers.exe[3452] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\igfxpers.exe[3452] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\igfxpers.exe[3452] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\igfxpers.exe[3452] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\igfxpers.exe[3452] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\igfxpers.exe[3452] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\igfxpers.exe[3452] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\Explorer.EXE[3540] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000A01F8 .text C:\WINDOWS\Explorer.EXE[3540] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[3540] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000A03FC .text C:\WINDOWS\Explorer.EXE[3540] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002C1014 .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002C0804 .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002C0A08 .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002C0C0C .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 3 Bytes JMP 002C0E10 .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!ChangeServiceConfig2W + 4 77E372D5 1 Byte [88] .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002C01F8 .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002C03FC .text C:\WINDOWS\Explorer.EXE[3540] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002C0600 .text C:\WINDOWS\Explorer.EXE[3540] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002D01F8 .text C:\WINDOWS\Explorer.EXE[3540] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002D03FC .text C:\WINDOWS\Explorer.EXE[3540] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002D0804 .text C:\WINDOWS\Explorer.EXE[3540] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002D0A08 .text C:\WINDOWS\Explorer.EXE[3540] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002D0600 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe[3564] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00390600 .text C:\Documents and Settings\Rick\Desktop\st1uzkl3.exe[3648] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Documents and Settings\Rick\Desktop\st1uzkl3.exe[3648] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\Program Files\Dell Photo AIO Printer 922\dlbtbmgr.exe[3668] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\WINDOWS\Explorer.EXE[3696] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000901F8 .text C:\WINDOWS\Explorer.EXE[3696] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[3696] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000903FC .text C:\WINDOWS\Explorer.EXE[3696] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002B1014 .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002B0804 .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002B0A08 .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002B0C0C .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002B0E10 .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002B01F8 .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002B03FC .text C:\WINDOWS\Explorer.EXE[3696] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002B0600 .text C:\WINDOWS\Explorer.EXE[3696] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002C01F8 .text C:\WINDOWS\Explorer.EXE[3696] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002C03FC .text C:\WINDOWS\Explorer.EXE[3696] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002C0804 .text C:\WINDOWS\Explorer.EXE[3696] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002C0A08 .text C:\WINDOWS\Explorer.EXE[3696] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002C0600 .text C:\WINDOWS\system32\winlogon.exe[3736] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 000701F8 .text C:\WINDOWS\system32\winlogon.exe[3736] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[3736] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 000703FC .text C:\WINDOWS\system32\winlogon.exe[3736] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 002A1014 .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 002A0804 .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 002A0A08 .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 002A0C0C .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 002A0E10 .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 002A01F8 .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 002A03FC .text C:\WINDOWS\system32\winlogon.exe[3736] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 002A0600 .text C:\WINDOWS\system32\winlogon.exe[3736] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 002B01F8 .text C:\WINDOWS\system32\winlogon.exe[3736] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 002B03FC .text C:\WINDOWS\system32\winlogon.exe[3736] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 002B0804 .text C:\WINDOWS\system32\winlogon.exe[3736] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 002B0A08 .text C:\WINDOWS\system32\winlogon.exe[3736] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 002B0600 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe[3752] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3776] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001401F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001403FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003701F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003703FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00370804 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00370A08 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00370600 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00381014 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00380C0C .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00380E10 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe[3828] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\igfxsrvc.exe[3972] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\igfxsrvc.exe[3972] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\igfxsrvc.exe[3972] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\igfxsrvc.exe[3972] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\igfxpers.exe[4012] ntdll.dll!LdrLoadDll 7C915CD3 5 Bytes JMP 001501F8 .text C:\WINDOWS\system32\igfxpers.exe[4012] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\igfxpers.exe[4012] ntdll.dll!LdrUnloadDll 7C916C9B 5 Bytes JMP 001503FC .text C:\WINDOWS\system32\igfxpers.exe[4012] kernel32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] .text C:\WINDOWS\system32\igfxpers.exe[4012] USER32.dll!SetWinEventHook 77D6E3D3 5 Bytes JMP 003801F8 .text C:\WINDOWS\system32\igfxpers.exe[4012] USER32.dll!UnhookWinEvent 77D6E544 5 Bytes JMP 003803FC .text C:\WINDOWS\system32\igfxpers.exe[4012] USER32.dll!SetWindowsHookExW 77D6E621 5 Bytes JMP 00380804 .text C:\WINDOWS\system32\igfxpers.exe[4012] USER32.dll!UnhookWindowsHookEx 77D6F29F 5 Bytes JMP 00380A08 .text C:\WINDOWS\system32\igfxpers.exe[4012] USER32.dll!SetWindowsHookExA 77D702B2 5 Bytes JMP 00380600 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!SetServiceObjectSecurity 77E36EC9 5 Bytes JMP 00391014 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!ChangeServiceConfigA 77E36FB1 5 Bytes JMP 00390804 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!ChangeServiceConfigW 77E37149 5 Bytes JMP 00390A08 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!ChangeServiceConfig2A 77E37249 5 Bytes JMP 00390C0C .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!ChangeServiceConfig2W 77E372D1 5 Bytes JMP 00390E10 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!CreateServiceA 77E37359 5 Bytes JMP 003901F8 .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!CreateServiceW 77E374F1 5 Bytes JMP 003903FC .text C:\WINDOWS\system32\igfxpers.exe[4012] ADVAPI32.dll!DeleteService 77E375F9 5 Bytes JMP 00390600 .text C:\WINDOWS\system32\csrss.exe[4068] ntdll.dll!RtlDosSearchPath_U + 1D1 7C916ADA 1 Byte [62] .text C:\WINDOWS\system32\csrss.exe[4068] KERNEL32.dll!GetBinaryTypeW + 80 7C867E3C 1 Byte [62] ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[148] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\System32\svchost.exe[176] @ C:\WINDOWS\System32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[232] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\services.exe[780] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1012] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\rpcss.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1100] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1224] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1284] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1296] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1376] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ c:\windows\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[1928] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\svchost.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\svchost.exe[2148] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3540] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\Explorer.EXE [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [00C60740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [00C60740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [00C60560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [00C5FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [00C60560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [00C601B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [00C5FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [00C60910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [00C5FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [00C5FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\Explorer.EXE[3696] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [00C5F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\winlogon.exe [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\REGAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [ADVAPI32.dll!CreateProcessAsUserW] [10010560] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessA] [10010740] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [100101B0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [1000FD90] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [1000FB40] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateProcessW] [10010910] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!FreeLibrary] [1000FA00] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [1000F890] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) IAT C:\WINDOWS\system32\winlogon.exe[3736] @ C:\WINDOWS\system32\iphlpapi.dll [KERNEL32.dll!LoadLibraryA] [1000FFE0] C:\Program Files\CA\PPRT\bin\CACheck.dll (API interceptors/CA, Inc.) ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software) AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software) Device \FileSystem\Fastfat \Fat A85D2C8A AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software) Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthboetqpooyxgpodvjkctqmomstifemnnn@start 1 Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthboetqpooyxgpodvjkctqmomstifemnnn@type 1 Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthboetqpooyxgpodvjkctqmomstifemnnn@group file system Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthboetqpooyxgpodvjkctqmomstifemnnn@imagepath \systemroot\system32\drivers\ovfsthjxujnruufhlianhlvmnitysardogjipe.sys Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@RequireSignedAppInit_DLLs 1 ---- EOF - GMER 1.0.15 ----