Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown infection - Places 5,000+ run32dll.exe strings in registry


  • This topic is locked This topic is locked
2 replies to this topic

#1 Richard_1974

Richard_1974

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:07:17 PM

Posted 04 October 2010 - 02:25 AM

Hello everyone. I booted my computer last week and was bombarded with messages that run32dll.exe failed to load a DLL file. I went in to safe mode, removed the 5k+ entries, ran MBAM, SuperAntiSpyware, and my Norton virus scanner (all updated) and they came up with nothing.

The next day, the entries were back. I've done everything I can think to do, so I'd really appreciate any help you can provide. I tried to run GMER, but it ran for an hour or so and then my computer rebooted. I've attached a hijackthis log instead. I had to remove several of the run32dll.exe entries as both this text and the log were too big for the board to accept. They are essentially all identical. A random string of characters for the name and the data field is always rundll32.exe "yabawt.dll",s

Thanks!

Here's my DDS.txt:


DDS (Ver_10-03-17.01) - NTFSx86 NETWORK
Run by Administrator at 1:14:13.09 on Mon 10/04/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2037.1596 [GMT -4:00]

AV: Symantec Endpoint Protection *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
FW: Symantec Endpoint Protection *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\dds.scr

============== Pseudo HJT Report ===============

mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mURLSearchHooks: AIM Toolbar Search Class: {03402f96-3dc7-4285-bc50-9e81fefafe43} - c:\program files\aim toolbar\aimtb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: AIM Toolbar Loader: {b0cda128-b425-4eef-a174-61a11ac5dbf8} - c:\program files\aim toolbar\aimtb.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: AIM Toolbar: {61539ecd-cc67-4437-a03c-9aaccbd14326} - c:\program files\aim toolbar\aimtb.dll
uRun: [DellAutomatedPCTuneUp] "c:\program files\dellautomatedpctuneup\PTAgnt.exe" /startup
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [RoxioDragToDisc] "c:\program files\roxio\drag-to-disc\DrgToDsc.exe"
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [QuickBooksDB17] c:\program files\intuit\quickbooks 2007\qbdbmgrn.exe -n qb_payrolldell_17 -qs -gd all -gk all -gp 4096 -gu all -ch 64m -c 32m -x tcpip(broadcastlistener=no;port=10172) -ti 0 -ec simple -ct- -qi -qw -tl 120 -oe c:\docume~1\peggy\locals~1\applic~1\intuit\quickb~1\log\DBSTAR~1.LOG -y
mRun: [PeachtreePrefetcher.exe] "c:\progra~1\sageso~1\peacht~1\PeachtreePrefetcher.exe" /configfile:peachtreeprefetcher.winstart.config
mRun: [Intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe startup
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [QuickBooksDB20] c:\progra~1\intuit\quc2c1~1\qbdbmgrn.exe -n qb_payrolldell_20 -qs -gd all -gk all -gp 4096 -gu all -ch 256m -c 128m -x tcpip(broadcastlistener=no;port=55338) -ti 0 -ec simple -qi -qw -tl 120 -oe c:\docume~1\alluse~1\applic~1\intuit\quickb~1\DBSTAR~1.LOG -y
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [oponnksys] rundll32.exe "yabawt.dll",s
mRun: [mlmllmsys] rundll32.exe "yabawt.dll",s
mRun: [awuvursys] rundll32.exe "yabawt.dll",s
mRun: [khijgdsys] rundll32.exe "yabawt.dll",s
mRun: [xxxurqsys] rundll32.exe "yabawt.dll",s
mRun: [ljifdasys] rundll32.exe "yabawt.dll",s
mRun: [mlkkkksys] rundll32.exe "yabawt.dll",s
mRun: [xxvtqosys] rundll32.exe "yabawt.dll",s
mRun: [xxywuusys] rundll32.exe "yabawt.dll",s
mRun: [byvtussys] rundll32.exe "yabawt.dll",s
mRun: [fcyaaxsys] rundll32.exe "yabawt.dll",s
mRun: [sstrsqsys] rundll32.exe "yabawt.dll",s
mRun: [efcabasys] rundll32.exe "yabawt.dll",s
mRun: [opqqonsys] rundll32.exe "yabawt.dll",s
mRun: [mlijjisys] rundll32.exe "yabawt.dll",s
mRun: [cbyvvtsys] rundll32.exe "yabawt.dll",s
mRun: [gebccysys] rundll32.exe "yabawt.dll",s
mRun: [fcbaaasys] rundll32.exe "yabawt.dll",s
mRun: [qopmkksys] rundll32.exe "yabawt.dll",s
mRun: [kheebcsys] rundll32.exe "yabawt.dll",s
mRun: [qomjgesys] rundll32.exe "yabawt.dll",s
mRun: [iiijijsys] rundll32.exe "yabawt.dll",s
mRun: [iifgedsys] rundll32.exe "yabawt.dll",s
mRun: [ssrqrosys] rundll32.exe "yabawt.dll",s
mRun: [rqoonosys] rundll32.exe "yabawt.dll",s
mRun: [ljkhigsys] rundll32.exe "yabawt.dll",s
mRun: [fcccdesys] rundll32.exe "yabawt.dll",s
mRun: [qonljisys] rundll32.exe "yabawt.dll",s
mRun: [khgecysys] rundll32.exe "yabawt.dll",s
mRun: [oponmjsys] rundll32.exe "yabawt.dll",s
mRun: [efdbyysys] rundll32.exe "yabawt.dll",s
mRun: [xxxvvusys] rundll32.exe "yabawt.dll",s
mRun: [hgffdbsys] rundll32.exe "yabawt.dll",s
mRun: [ljighesys] rundll32.exe "yabawt.dll",s
mRun: [vttqnosys] rundll32.exe "yabawt.dll",s
mRun: [yaxuspsys] rundll32.exe "yabawt.dll",s
mRun: [xxvuussys] rundll32.exe "yabawt.dll",s
mRun: [pmlmkhsys] rundll32.exe "yabawt.dll",s
mRun: [xxyxyysys] rundll32.exe "yabawt.dll",s
mRun: [efcyvtsys] rundll32.exe "yabawt.dll",s
mRun: [geedaxsys] rundll32.exe "yabawt.dll",s
mRun: [awwxussys] rundll32.exe "yabawt.dll",s
mRun: [dddaxwsys] rundll32.exe "yabawt.dll",s
mRun: [tuvuttsys] rundll32.exe "yabawt.dll",s
mRun: [tusrpnsys] rundll32.exe "yabawt.dll",s
mRun: [opqrsrsys] rundll32.exe "yabawt.dll",s
mRun: [hggffdsys] rundll32.exe "yabawt.dll",s
mRun: [dddebasys] rundll32.exe "yabawt.dll",s
mRun: [kheffgsys] rundll32.exe "yabawt.dll",s
mRun: [qopnoosys] rundll32.exe "yabawt.dll",s
mRun: [qomkkisys] rundll32.exe "yabawt.dll",s
mRun: [tuttsrsys] rundll32.exe "yabawt.dll",s
mRun: [urpqnlsys] rundll32.exe "yabawt.dll",s
mRun: [urstrrsys] rundll32.exe "yabawt.dll",s
mRun: [mlmkjjsys] rundll32.exe "yabawt.dll",s
mRun: [gebcabsys] rundll32.exe "yabawt.dll",s
mRun: [qonmnmsys] rundll32.exe "yabawt.dll",s
mRun: [gedcbxsys] rundll32.exe "yabawt.dll",s
mRun: [mlkjihsys] rundll32.exe "yabawt.dll",s
mRun: [byyvwvsys] rundll32.exe "yabawt.dll",s
mRun: [vttrrssys] rundll32.exe "yabawt.dll",s
mRun: [xxyvsrsys] rundll32.exe "yabawt.dll",s
mRun: [byvsspsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvwtsys] rundll32.exe "yabawt.dll",s
mRun: [sstqqnsys] rundll32.exe "yabawt.dll",s
mRun: [mliihfsys] rundll32.exe "yabawt.dll",s
mRun: [opqpmksys] rundll32.exe "yabawt.dll",s
mRun: [effcddsys] rundll32.exe "yabawt.dll",s
mRun: [tusstrsys] rundll32.exe "yabawt.dll",s
mRun: [iiiiggsys] rundll32.exe "yabawt.dll",s
mRun: [iiffcasys] rundll32.exe "yabawt.dll",s
mRun: [vtroposys] rundll32.exe "yabawt.dll",s
mRun: [rqonllsys] rundll32.exe "yabawt.dll",s
mRun: [fccbbbsys] rundll32.exe "yabawt.dll",s
mRun: [qonkhfsys] rundll32.exe "yabawt.dll",s
mRun: [xxxutrsys] rundll32.exe "yabawt.dll",s
mRun: [efdawvsys] rundll32.exe "yabawt.dll",s
mRun: [jkjgghsys] rundll32.exe "yabawt.dll",s
mRun: [rqppopsys] rundll32.exe "yabawt.dll",s
mRun: [ddbcdasys] rundll32.exe "yabawt.dll",s
mRun: [nnmmjksys] rundll32.exe "yabawt.dll",s
mRun: [xxvtspsys] rundll32.exe "yabawt.dll",s
mRun: [xxywwvsys] rundll32.exe "yabawt.dll",s
mRun: [khgfefsys] rundll32.exe "yabawt.dll",s
mRun: [vturopsys] rundll32.exe "yabawt.dll",s
mRun: [opqqqosys] rundll32.exe "yabawt.dll",s
mRun: [hgdebysys] rundll32.exe "yabawt.dll",s
mRun: [nnkliisys] rundll32.exe "yabawt.dll",s
mRun: [tuvtrqsys] rundll32.exe "yabawt.dll",s
mRun: [tusqnksys] rundll32.exe "yabawt.dll",s
mRun: [hggedasys] rundll32.exe "yabawt.dll",s
mRun: [efcbyxsys] rundll32.exe "yabawt.dll",s
mRun: [qopmmlsys] rundll32.exe "yabawt.dll",s
mRun: [kheeddsys] rundll32.exe "yabawt.dll",s
mRun: [fcbbxxsys] rundll32.exe "yabawt.dll",s
mRun: [qomjifsys] rundll32.exe "yabawt.dll",s
mRun: [iiijkksys] rundll32.exe "yabawt.dll",s
mRun: [iifggesys] rundll32.exe "yabawt.dll",s
mRun: [rqooppsys] rundll32.exe "yabawt.dll",s
mRun: [tutsqosys] rundll32.exe "yabawt.dll",s
mRun: [mlmjhgsys] rundll32.exe "yabawt.dll",s
mRun: [urssposys] rundll32.exe "yabawt.dll",s
mRun: [qonlljsys] rundll32.exe "yabawt.dll",s
mRun: [mlkigesys] rundll32.exe "yabawt.dll",s
mRun: [hgfffcsys] rundll32.exe "yabawt.dll",s
mRun: [vttqppsys] rundll32.exe "yabawt.dll",s
mRun: [nnmnnosys] rundll32.exe "yabawt.dll",s
mRun: [yaaxwxsys] rundll32.exe "yabawt.dll",s
mRun: [efcyxusys] rundll32.exe "yabawt.dll",s
mRun: [opmjklsys] rundll32.exe "yabawt.dll",s
mRun: [awwxwtsys] rundll32.exe "yabawt.dll",s
mRun: [fcbywusys] rundll32.exe "yabawt.dll",s
mRun: [geedcysys] rundll32.exe "yabawt.dll",s
mRun: [mlihfcsys] rundll32.exe "yabawt.dll",s
mRun: [vtusstsys] rundll32.exe "yabawt.dll",s
mRun: [awtrpqsys] rundll32.exe "yabawt.dll",s
mRun: [tuvuvusys] rundll32.exe "yabawt.dll",s
mRun: [tusrrosys] rundll32.exe "yabawt.dll",s
mRun: [gedddesys] rundll32.exe "yabawt.dll",s
mRun: [iiihedsys] rundll32.exe "yabawt.dll",s
mRun: [dddedbsys] rundll32.exe "yabawt.dll",s
mRun: [rqrpnosys] rundll32.exe "yabawt.dll",s
mRun: [rqomjisys] rundll32.exe "yabawt.dll",s
mRun: [tuttussys] rundll32.exe "yabawt.dll",s
mRun: [fcyaabsys] rundll32.exe "yabawt.dll",s
mRun: [ddawvwsys] rundll32.exe "yabawt.dll",s
mRun: [urpqpmsys] rundll32.exe "yabawt.dll",s
mRun: [ursttssys] rundll32.exe "yabawt.dll",s
mRun: [mlmklksys] rundll32.exe "yabawt.dll",s
mRun: [gebcccsys] rundll32.exe "yabawt.dll",s
mRun: [rqpommsys] rundll32.exe "yabawt.dll",s
mRun: [awurrssys] rundll32.exe "yabawt.dll",s
mRun: [khifdesys] rundll32.exe "yabawt.dll",s
mRun: [iihigfsys] rundll32.exe "yabawt.dll",s
mRun: [mlkjkisys] rundll32.exe "yabawt.dll",s
mRun: [xxyvussys] rundll32.exe "yabawt.dll",s
mRun: [dddaaysys] rundll32.exe "yabawt.dll",s
mRun: [khgeccsys] rundll32.exe "yabawt.dll",s
mRun: [opqpolsys] rundll32.exe "yabawt.dll",s
mRun: [mliijgsys] rundll32.exe "yabawt.dll",s
mRun: [tuvspnsys] rundll32.exe "yabawt.dll",s
mRun: [efcawusys] rundll32.exe "yabawt.dll",s
mRun: [wvtspqsys] rundll32.exe "yabawt.dll",s
mRun: [awtstusys] rundll32.exe "yabawt.dll",s
mRun: [khedbasys] rundll32.exe "yabawt.dll",s
mRun: [iiiiihsys] rundll32.exe "yabawt.dll",s
mRun: [iiffebsys] rundll32.exe "yabawt.dll",s
mRun: [tutrolsys] rundll32.exe "yabawt.dll",s
mRun: [rqrqrssys] rundll32.exe "yabawt.dll",s
mRun: [rqonnmsys] rundll32.exe "yabawt.dll",s
mRun: [pmnomjsys] rundll32.exe "yabawt.dll",s
mRun: [geedabsys] rundll32.exe "yabawt.dll",s
mRun: [fcccyysys] rundll32.exe "yabawt.dll",s
mRun: [pmkifgsys] rundll32.exe "yabawt.dll",s
mRun: [qonkjgsys] rundll32.exe "yabawt.dll",s
mRun: [bywxvssys] rundll32.exe "yabawt.dll",s
mRun: [xxxuvssys] rundll32.exe "yabawt.dll",s
mRun: [efdaywsys] rundll32.exe "yabawt.dll",s
mRun: [rqppqqsys] rundll32.exe "yabawt.dll",s
mRun: [mlkhebsys] rundll32.exe "yabawt.dll",s
mRun: [khighisys] rundll32.exe "yabawt.dll",s
mRun: [efdecasys] rundll32.exe "yabawt.dll",s
mRun: [nnmmllsys] rundll32.exe "yabawt.dll",s
mRun: [yaawuusys] rundll32.exe "yabawt.dll",s
mRun: [fcbxursys] rundll32.exe "yabawt.dll",s
mRun: [pmlihisys] rundll32.exe "yabawt.dll",s
mRun: [khgfggsys] rundll32.exe "yabawt.dll",s
mRun: [urrspnsys] rundll32.exe "yabawt.dll",s
mRun: [vturqqsys] rundll32.exe "yabawt.dll",s
mRun: [awtqnnsys] rundll32.exe "yabawt.dll",s
mRun: [nnklkjsys] rundll32.exe "yabawt.dll",s
mRun: [tuvttrsys] rundll32.exe "yabawt.dll",s
mRun: [gedcbbsys] rundll32.exe "yabawt.dll",s
mRun: [rqrollsys] rundll32.exe "yabawt.dll",s
mRun: [kheefesys] rundll32.exe "yabawt.dll",s
mRun: [jkkljksys] rundll32.exe "yabawt.dll",s
mRun: [jkhifesys] rundll32.exe "yabawt.dll",s
mRun: [ssqqopsys] rundll32.exe "yabawt.dll",s
mRun: [tutsspsys] rundll32.exe "yabawt.dll",s
mRun: [geeeefsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjjhsys] rundll32.exe "yabawt.dll",s
mRun: [urssrpsys] rundll32.exe "yabawt.dll",s
mRun: [pmkjjksys] rundll32.exe "yabawt.dll",s
mRun: [rqpnkjsys] rundll32.exe "yabawt.dll",s
mRun: [ddbxwxsys] rundll32.exe "yabawt.dll",s
mRun: [iihhecsys] rundll32.exe "yabawt.dll",s
mRun: [mlkiifsys] rundll32.exe "yabawt.dll",s
mRun: [vttqrqsys] rundll32.exe "yabawt.dll",s
mRun: [yaaxyysys] rundll32.exe "yabawt.dll",s
mRun: [cbbcawsys] rundll32.exe "yabawt.dll",s
mRun: [fcbyyvsys] rundll32.exe "yabawt.dll",s
mRun: [effcyxsys] rundll32.exe "yabawt.dll",s
mRun: [awtrrrsys] rundll32.exe "yabawt.dll",s
mRun: [dddefcsys] rundll32.exe "yabawt.dll",s
mRun: [iiihgesys] rundll32.exe "yabawt.dll",s
mRun: [ljghghsys] rundll32.exe "yabawt.dll",s
mRun: [rqrpppsys] rundll32.exe "yabawt.dll",s
mRun: [nnoolmsys] rundll32.exe "yabawt.dll",s
mRun: [rqomljsys] rundll32.exe "yabawt.dll",s
mRun: [hgdaxysys] rundll32.exe "yabawt.dll",s
mRun: [ssqrstsys] rundll32.exe "yabawt.dll",s
mRun: [ddawxxsys] rundll32.exe "yabawt.dll",s
mRun: [hgdebcsys] rundll32.exe "yabawt.dll",s
mRun: [vtuvsssys] rundll32.exe "yabawt.dll",s
mRun: [rqpoonsys] rundll32.exe "yabawt.dll",s
mRun: [khifffsys] rundll32.exe "yabawt.dll",s
mRun: [efcyawsys] rundll32.exe "yabawt.dll",s
mRun: [nnmljisys] rundll32.exe "yabawt.dll",s
mRun: [iihiigsys] rundll32.exe "yabawt.dll",s
mRun: [wvvtstsys] rundll32.exe "yabawt.dll",s
mRun: [xxyvwtsys] rundll32.exe "yabawt.dll",s
mRun: [khgeedsys] rundll32.exe "yabawt.dll",s
mRun: [nnkkigsys] rundll32.exe "yabawt.dll",s
mRun: [tuvsrosys] rundll32.exe "yabawt.dll",s
mRun: [efcayvsys] rundll32.exe "yabawt.dll",s
mRun: [wvtsrrsys] rundll32.exe "yabawt.dll",s
mRun: [fccyvssys] rundll32.exe "yabawt.dll",s
mRun: [fcbaxvsys] rundll32.exe "yabawt.dll",s
mRun: [kheddbsys] rundll32.exe "yabawt.dll",s
mRun: [jkkkhhsys] rundll32.exe "yabawt.dll",s
mRun: [fcyywvsys] rundll32.exe "yabawt.dll",s
mRun: [nnoppqsys] rundll32.exe "yabawt.dll",s
mRun: [ssqpmmsys] rundll32.exe "yabawt.dll",s
mRun: [geedccsys] rundll32.exe "yabawt.dll",s
mRun: [ursrpmsys] rundll32.exe "yabawt.dll",s
mRun: [pmkihhsys] rundll32.exe "yabawt.dll",s
mRun: [ssrrpqsys] rundll32.exe "yabawt.dll",s
mRun: [efdeebsys] rundll32.exe "yabawt.dll",s
mRun: [nnmmnmsys] rundll32.exe "yabawt.dll",s
mRun: [yaawwvsys] rundll32.exe "yabawt.dll",s
mRun: [urrsrosys] rundll32.exe "yabawt.dll",s
mRun: [ljihfgsys] rundll32.exe "yabawt.dll",s
mRun: [pmlijjsys] rundll32.exe "yabawt.dll",s
mRun: [awwttusys] rundll32.exe "yabawt.dll",s
mRun: [awtqposys] rundll32.exe "yabawt.dll",s
mRun: [vtursrsys] rundll32.exe "yabawt.dll",s
mRun: [nnklmksys] rundll32.exe "yabawt.dll",s
mRun: [cbxvuvsys] rundll32.exe "yabawt.dll",s
mRun: [iiigebsys] rundll32.exe "yabawt.dll",s
mRun: [gedcdcsys] rundll32.exe "yabawt.dll",s
mRun: [rqoljgsys] rundll32.exe "yabawt.dll",s
mRun: [rqronmsys] rundll32.exe "yabawt.dll",s
mRun: [ljggeesys] rundll32.exe "yabawt.dll",s
mRun: [jkhihfsys] rundll32.exe "yabawt.dll",s
mRun: [jkklllsys] rundll32.exe "yabawt.dll",s
mRun: [ssqqqqsys] rundll32.exe "yabawt.dll",s
mRun: [efdabysys] rundll32.exe "yabawt.dll",s
mRun: [gebbcasys] rundll32.exe "yabawt.dll",s
mRun: [ursstqsys] rundll32.exe "yabawt.dll",s
mRun: [urpmmnsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnmksys] rundll32.exe "yabawt.dll",s
mRun: [ddbxyysys] rundll32.exe "yabawt.dll",s
mRun: [ssrstusys] rundll32.exe "yabawt.dll",s
mRun: [nnmkhfsys] rundll32.exe "yabawt.dll",s
mRun: [iihhgdsys] rundll32.exe "yabawt.dll",s
mRun: [wvvsqqsys] rundll32.exe "yabawt.dll",s
mRun: [opopopsys] rundll32.exe "yabawt.dll",s
mRun: [khgdcasys] rundll32.exe "yabawt.dll",s
mRun: [efdayasys] rundll32.exe "yabawt.dll",s
mRun: [nnkjgdsys] rundll32.exe "yabawt.dll",s
mRun: [ljiijksys] rundll32.exe "yabawt.dll",s
mRun: [wvtrposys] rundll32.exe "yabawt.dll",s
mRun: [wvwutusys] rundll32.exe "yabawt.dll",s
mRun: [byvtqrsys] rundll32.exe "yabawt.dll",s
mRun: [yaxwuvsys] rundll32.exe "yabawt.dll",s
mRun: [iiihifsys] rundll32.exe "yabawt.dll",s
mRun: [effgecsys] rundll32.exe "yabawt.dll",s
mRun: [fcyxussys] rundll32.exe "yabawt.dll",s
mRun: [sstropsys] rundll32.exe "yabawt.dll",s
mRun: [nnoonnsys] rundll32.exe "yabawt.dll",s
mRun: [ljghiisys] rundll32.exe "yabawt.dll",s
mRun: [rqomnksys] rundll32.exe "yabawt.dll",s
mRun: [fccbywsys] rundll32.exe "yabawt.dll",s
mRun: [pmkhfesys] rundll32.exe "yabawt.dll",s
mRun: [pmnkjksys] rundll32.exe "yabawt.dll",s
mRun: [vtuvutsys] rundll32.exe "yabawt.dll",s
mRun: [vtrsqnsys] rundll32.exe "yabawt.dll",s
mRun: [hgdeddsys] rundll32.exe "yabawt.dll",s
mRun: [bywtstsys] rundll32.exe "yabawt.dll",s
mRun: [ssrqnnsys] rundll32.exe "yabawt.dll",s
mRun: [ljkhefsys] rundll32.exe "yabawt.dll",s
mRun: [jkjkhgsys] rundll32.exe "yabawt.dll",s
mRun: [nnmlljsys] rundll32.exe "yabawt.dll",s
mRun: [wvvtuusys] rundll32.exe "yabawt.dll",s
mRun: [ljigddsys] rundll32.exe "yabawt.dll",s
mRun: [nnkkkhsys] rundll32.exe "yabawt.dll",s
mRun: [cbxusssys] rundll32.exe "yabawt.dll",s
mRun: [wvtstssys] rundll32.exe "yabawt.dll",s
mRun: [byvuuvsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfcbsys] rundll32.exe "yabawt.dll",s
mRun: [jkhhfcsys] rundll32.exe "yabawt.dll",s
mRun: [jkkkjisys] rundll32.exe "yabawt.dll",s
mRun: [fcyyywsys] rundll32.exe "yabawt.dll",s
mRun: [cbywvwsys] rundll32.exe "yabawt.dll",s
mRun: [ssqponsys] rundll32.exe "yabawt.dll",s
mRun: [sstsstsys] rundll32.exe "yabawt.dll",s
mRun: [qopqnksys] rundll32.exe "yabawt.dll",s
mRun: [cbbcaasys] rundll32.exe "yabawt.dll",s
mRun: [geededsys] rundll32.exe "yabawt.dll",s
mRun: [pmkijisys] rundll32.exe "yabawt.dll",s
mRun: [rqpmkhsys] rundll32.exe "yabawt.dll",s
mRun: [ssrrrrsys] rundll32.exe "yabawt.dll",s
mRun: [ljkiijsys] rundll32.exe "yabawt.dll",s
mRun: [opoommsys] rundll32.exe "yabawt.dll",s
mRun: [efcabxsys] rundll32.exe "yabawt.dll",s
mRun: [ljihhhsys] rundll32.exe "yabawt.dll",s
mRun: [fcbaaxsys] rundll32.exe "yabawt.dll",s
mRun: [awtqrpsys] rundll32.exe "yabawt.dll",s
mRun: [wvtqnlsys] rundll32.exe "yabawt.dll",s
mRun: [wvwtrrsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvsssys] rundll32.exe "yabawt.dll",s
mRun: [cbxvwwsys] rundll32.exe "yabawt.dll",s
mRun: [efcyaasys] rundll32.exe "yabawt.dll",s
mRun: [opmnlksys] rundll32.exe "yabawt.dll",s
mRun: [xxvvuvsys] rundll32.exe "yabawt.dll",s
mRun: [ljgggfsys] rundll32.exe "yabawt.dll",s
mRun: [rqropnsys] rundll32.exe "yabawt.dll",s
mRun: [nnonlksys] rundll32.exe "yabawt.dll",s
mRun: [jkhijgsys] rundll32.exe "yabawt.dll",s
mRun: [fccawtsys] rundll32.exe "yabawt.dll",s
mRun: [tusspqsys] rundll32.exe "yabawt.dll",s
mRun: [fcyaxwsys] rundll32.exe "yabawt.dll",s
mRun: [hgddbasys] rundll32.exe "yabawt.dll",s
mRun: [hgggfgsys] rundll32.exe "yabawt.dll",s
mRun: [vtuusqsys] rundll32.exe "yabawt.dll",s
mRun: [qomlklsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnolsys] rundll32.exe "yabawt.dll",s
mRun: [nnmkjgsys] rundll32.exe "yabawt.dll",s
mRun: [awuvsrsys] rundll32.exe "yabawt.dll",s
mRun: [wvvssrsys] rundll32.exe "yabawt.dll",s
mRun: [opopqqsys] rundll32.exe "yabawt.dll",s
mRun: [khgdebsys] rundll32.exe "yabawt.dll",s
mRun: [dddebxsys] rundll32.exe "yabawt.dll",s
mRun: [wvwuvvsys] rundll32.exe "yabawt.dll",s
mRun: [byvtsssys] rundll32.exe "yabawt.dll",s
mRun: [wvtrrpsys] rundll32.exe "yabawt.dll",s
mRun: [yaxwwwsys] rundll32.exe "yabawt.dll",s
mRun: [fcyxwtsys] rundll32.exe "yabawt.dll",s
mRun: [jkkjhfsys] rundll32.exe "yabawt.dll",s
mRun: [effggdsys] rundll32.exe "yabawt.dll",s
mRun: [gebcaysys] rundll32.exe "yabawt.dll",s
mRun: [mlijhisys] rundll32.exe "yabawt.dll",s
mRun: [cbyvttsys] rundll32.exe "yabawt.dll",s
mRun: [sstrqqsys] rundll32.exe "yabawt.dll",s
mRun: [ssqomksys] rundll32.exe "yabawt.dll",s
mRun: [nnooposys] rundll32.exe "yabawt.dll",s
mRun: [geeccasys] rundll32.exe "yabawt.dll",s
mRun: [pmkhhfsys] rundll32.exe "yabawt.dll",s
mRun: [tusttusys] rundll32.exe "yabawt.dll",s
mRun: [pmnkllsys] rundll32.exe "yabawt.dll",s
mRun: [vtuvwusys] rundll32.exe "yabawt.dll",s
mRun: [hgdefesys] rundll32.exe "yabawt.dll",s
mRun: [ssrqposys] rundll32.exe "yabawt.dll",s
mRun: [bywtuusys] rundll32.exe "yabawt.dll",s
mRun: [ljkhggsys] rundll32.exe "yabawt.dll",s
mRun: [oponkjsys] rundll32.exe "yabawt.dll",s
mRun: [jkjkjhsys] rundll32.exe "yabawt.dll",s
mRun: [efdabcsys] rundll32.exe "yabawt.dll",s
mRun: [xxxvtusys] rundll32.exe "yabawt.dll",s
mRun: [ljigfesys] rundll32.exe "yabawt.dll",s
mRun: [urroopsys] rundll32.exe "yabawt.dll",s
mRun: [cbxuutsys] rundll32.exe "yabawt.dll",s
mRun: [opmmjhsys] rundll32.exe "yabawt.dll",s
mRun: [xxvusssys] rundll32.exe "yabawt.dll",s
mRun: [fccbbysys] rundll32.exe "yabawt.dll",s
mRun: [nnomjhsys] rundll32.exe "yabawt.dll",s
mRun: [gedcywsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfecsys] rundll32.exe "yabawt.dll",s
mRun: [jkkkljsys] rundll32.exe "yabawt.dll",s
mRun: [ssqpqosys] rundll32.exe "yabawt.dll",s
mRun: [cbywxxsys] rundll32.exe "yabawt.dll",s
mRun: [opqrqrsys] rundll32.exe "yabawt.dll",s
mRun: [cbbccbsys] rundll32.exe "yabawt.dll",s
mRun: [vtutqnsys] rundll32.exe "yabawt.dll",s
mRun: [hggfddsys] rundll32.exe "yabawt.dll",s
mRun: [gebbxusys] rundll32.exe "yabawt.dll",s
mRun: [qomkiisys] rundll32.exe "yabawt.dll",s
mRun: [tuttqrsys] rundll32.exe "yabawt.dll",s
mRun: [qonmlmsys] rundll32.exe "yabawt.dll",s
mRun: [opooonsys] rundll32.exe "yabawt.dll",s
mRun: [fccbyasys] rundll32.exe "yabawt.dll",s
mRun: [xxxwxysys] rundll32.exe "yabawt.dll",s
mRun: [mlkjghsys] rundll32.exe "yabawt.dll",s
mRun: [vttuspsys] rundll32.exe "yabawt.dll",s
mRun: [wvtqpmsys] rundll32.exe "yabawt.dll",s
mRun: [wvwttssys] rundll32.exe "yabawt.dll",s
mRun: [byyvuvsys] rundll32.exe "yabawt.dll",s
mRun: [byvsqpsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvutsys] rundll32.exe "yabawt.dll",s
mRun: [opmnnlsys] rundll32.exe "yabawt.dll",s
mRun: [xxvvwwsys] rundll32.exe "yabawt.dll",s
mRun: [jkkifcsys] rundll32.exe "yabawt.dll",s
mRun: [ssqnkhsys] rundll32.exe "yabawt.dll",s
mRun: [mliiffsys] rundll32.exe "yabawt.dll",s
mRun: [nnonnlsys] rundll32.exe "yabawt.dll",s
mRun: [sstqonsys] rundll32.exe "yabawt.dll",s
mRun: [tussrrsys] rundll32.exe "yabawt.dll",s
mRun: [hggghhsys] rundll32.exe "yabawt.dll",s
mRun: [vtuuursys] rundll32.exe "yabawt.dll",s
mRun: [hgdddbsys] rundll32.exe "yabawt.dll",s
mRun: [cbbyvssys] rundll32.exe "yabawt.dll",s
mRun: [qomlmmsys] rundll32.exe "yabawt.dll",s
mRun: [vtronosys] rundll32.exe "yabawt.dll",s
mRun: [ssrpnlsys] rundll32.exe "yabawt.dll",s
mRun: [fcyyyasys] rundll32.exe "yabawt.dll",s
mRun: [tutuuvsys] rundll32.exe "yabawt.dll",s
mRun: [jkjjhesys] rundll32.exe "yabawt.dll",s
mRun: [awuvussys] rundll32.exe "yabawt.dll",s
mRun: [khijgesys] rundll32.exe "yabawt.dll",s
mRun: [xxxurrsys] rundll32.exe "yabawt.dll",s
mRun: [ljifdbsys] rundll32.exe "yabawt.dll",s
mRun: [ddbcbasys] rundll32.exe "yabawt.dll",s
mRun: [mlkkklsys] rundll32.exe "yabawt.dll",s
mRun: [byvtutsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtqpsys] rundll32.exe "yabawt.dll",s
mRun: [xxywuvsys] rundll32.exe "yabawt.dll",s
mRun: [jkkjjgsys] rundll32.exe "yabawt.dll",s
mRun: [fcyaaysys] rundll32.exe "yabawt.dll",s
mRun: [cbyvvusys] rundll32.exe "yabawt.dll",s
mRun: [ssqoolsys] rundll32.exe "yabawt.dll",s
mRun: [sstrsrsys] rundll32.exe "yabawt.dll",s
mRun: [opqqoosys] rundll32.exe "yabawt.dll",s
mRun: [mlijjjsys] rundll32.exe "yabawt.dll",s
mRun: [efcabbsys] rundll32.exe "yabawt.dll",s
mRun: [fcbaabsys] rundll32.exe "yabawt.dll",s
mRun: [hggebasys] rundll32.exe "yabawt.dll",s
mRun: [qopmklsys] rundll32.exe "yabawt.dll",s
mRun: [qomjgfsys] rundll32.exe "yabawt.dll",s
mRun: [iifgeesys] rundll32.exe "yabawt.dll",s
mRun: [wvturosys] rundll32.exe "yabawt.dll",s
mRun: [ssrqrpsys] rundll32.exe "yabawt.dll",s
mRun: [ljkhihsys] rundll32.exe "yabawt.dll",s
mRun: [qonljjsys] rundll32.exe "yabawt.dll",s
mRun: [jkjklisys] rundll32.exe "yabawt.dll",s
mRun: [oponmksys] rundll32.exe "yabawt.dll",s
mRun: [xxxvvvsys] rundll32.exe "yabawt.dll",s
mRun: [hgffdcsys] rundll32.exe "yabawt.dll",s
mRun: [ljighfsys] rundll32.exe "yabawt.dll",s
mRun: [khedbxsys] rundll32.exe "yabawt.dll",s
mRun: [yaxusqsys] rundll32.exe "yabawt.dll",s
mRun: [opmmlisys] rundll32.exe "yabawt.dll",s
mRun: [efcyvusys] rundll32.exe "yabawt.dll",s
mRun: [pmlmkisys] rundll32.exe "yabawt.dll",s
mRun: [xxvuutsys] rundll32.exe "yabawt.dll",s
mRun: [awwxutsys] rundll32.exe "yabawt.dll",s
mRun: [geedaysys] rundll32.exe "yabawt.dll",s
mRun: [ljgfgdsys] rundll32.exe "yabawt.dll",s
mRun: [nnomlisys] rundll32.exe "yabawt.dll",s
mRun: [dddaxxsys] rundll32.exe "yabawt.dll",s
mRun: [opqrsssys] rundll32.exe "yabawt.dll",s
mRun: [tusrposys] rundll32.exe "yabawt.dll",s
mRun: [tuvutusys] rundll32.exe "yabawt.dll",s
mRun: [dddebbsys] rundll32.exe "yabawt.dll",s
mRun: [hggffesys] rundll32.exe "yabawt.dll",s
mRun: [ssrolisys] rundll32.exe "yabawt.dll",s
mRun: [qopnopsys] rundll32.exe "yabawt.dll",s
mRun: [qomkkjsys] rundll32.exe "yabawt.dll",s
mRun: [tuttsssys] rundll32.exe "yabawt.dll",s
mRun: [mlmkjksys] rundll32.exe "yabawt.dll",s
mRun: [awuuspsys] rundll32.exe "yabawt.dll",s
mRun: [urstrssys] rundll32.exe "yabawt.dll",s
mRun: [urpqnmsys] rundll32.exe "yabawt.dll",s
mRun: [qonmnnsys] rundll32.exe "yabawt.dll",s
mRun: [gedcbysys] rundll32.exe "yabawt.dll",s
mRun: [mlkjiisys] rundll32.exe "yabawt.dll",s
mRun: [byyvwwsys] rundll32.exe "yabawt.dll",s
mRun: [xxyvsssys] rundll32.exe "yabawt.dll",s
mRun: [byvssqsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvwusys] rundll32.exe "yabawt.dll",s
mRun: [gebbawsys] rundll32.exe "yabawt.dll",s
mRun: [mliihgsys] rundll32.exe "yabawt.dll",s
mRun: [opqpmlsys] rundll32.exe "yabawt.dll",s
mRun: [sstqqosys] rundll32.exe "yabawt.dll",s
mRun: [effcdesys] rundll32.exe "yabawt.dll",s
mRun: [tusstssys] rundll32.exe "yabawt.dll",s
mRun: [iiffcbsys] rundll32.exe "yabawt.dll",s
mRun: [iiiighsys] rundll32.exe "yabawt.dll",s
mRun: [ssrppmsys] rundll32.exe "yabawt.dll",s
mRun: [vtroppsys] rundll32.exe "yabawt.dll",s
mRun: [rqonlmsys] rundll32.exe "yabawt.dll",s
mRun: [gedcyasys] rundll32.exe "yabawt.dll",s
mRun: [fccbbcsys] rundll32.exe "yabawt.dll",s
mRun: [khgdawsys] rundll32.exe "yabawt.dll",s
mRun: [qonkhgsys] rundll32.exe "yabawt.dll",s
mRun: [opomkhsys] rundll32.exe "yabawt.dll",s
mRun: [awuvwtsys] rundll32.exe "yabawt.dll",s
mRun: [xxxutssys] rundll32.exe "yabawt.dll",s
mRun: [efdawwsys] rundll32.exe "yabawt.dll",s
mRun: [khijifsys] rundll32.exe "yabawt.dll",s
mRun: [ljiffcsys] rundll32.exe "yabawt.dll",s
mRun: [ddbcdbsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtsqsys] rundll32.exe "yabawt.dll",s
mRun: [pmllifsys] rundll32.exe "yabawt.dll",s
mRun: [xxywwwsys] rundll32.exe "yabawt.dll",s
mRun: [tuvtrrsys] rundll32.exe "yabawt.dll",s
mRun: [tusqnlsys] rundll32.exe "yabawt.dll",s
mRun: [nnklijsys] rundll32.exe "yabawt.dll",s
mRun: [opqqqpsys] rundll32.exe "yabawt.dll",s
mRun: [hggedbsys] rundll32.exe "yabawt.dll",s
mRun: [efcbyysys] rundll32.exe "yabawt.dll",s
mRun: [qopmmmsys] rundll32.exe "yabawt.dll",s
mRun: [kheedesys] rundll32.exe "yabawt.dll",s
mRun: [fcbbxysys] rundll32.exe "yabawt.dll",s
mRun: [qomjigsys] rundll32.exe "yabawt.dll",s
mRun: [iiijklsys] rundll32.exe "yabawt.dll",s
mRun: [iifggfsys] rundll32.exe "yabawt.dll",s
mRun: [tutsqpsys] rundll32.exe "yabawt.dll",s
mRun: [rqoopqsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjhhsys] rundll32.exe "yabawt.dll",s
mRun: [urssppsys] rundll32.exe "yabawt.dll",s
mRun: [qonllksys] rundll32.exe "yabawt.dll",s
mRun: [oponolsys] rundll32.exe "yabawt.dll",s
mRun: [hgfffdsys] rundll32.exe "yabawt.dll",s
mRun: [mlkigfsys] rundll32.exe "yabawt.dll",s
mRun: [vttqpqsys] rundll32.exe "yabawt.dll",s
mRun: [yaxuursys] rundll32.exe "yabawt.dll",s
mRun: [pmlmmjsys] rundll32.exe "yabawt.dll",s
mRun: [efcyxvsys] rundll32.exe "yabawt.dll",s
mRun: [fcbywvsys] rundll32.exe "yabawt.dll",s
mRun: [mlihfdsys] rundll32.exe "yabawt.dll",s
mRun: [awwxwusys] rundll32.exe "yabawt.dll",s
mRun: [tuvuvvsys] rundll32.exe "yabawt.dll",s
mRun: [tusrrpsys] rundll32.exe "yabawt.dll",s
mRun: [dddedcsys] rundll32.exe "yabawt.dll",s
mRun: [iiiheesys] rundll32.exe "yabawt.dll",s
mRun: [rqomjjsys] rundll32.exe "yabawt.dll",s
mRun: [tuttutsys] rundll32.exe "yabawt.dll",s
mRun: [mlmkllsys] rundll32.exe "yabawt.dll",s
mRun: [urpqpnsys] rundll32.exe "yabawt.dll",s
mRun: [urstttsys] rundll32.exe "yabawt.dll",s
mRun: [gebccdsys] rundll32.exe "yabawt.dll",s
mRun: [rqpomnsys] rundll32.exe "yabawt.dll",s
mRun: [mlkjkjsys] rundll32.exe "yabawt.dll",s
mRun: [wvvwtqsys] rundll32.exe "yabawt.dll",s
mRun: [iihiggsys] rundll32.exe "yabawt.dll",s
mRun: [xxvsqnsys] rundll32.exe "yabawt.dll",s
mRun: [xxyvutsys] rundll32.exe "yabawt.dll",s
mRun: [khgecdsys] rundll32.exe "yabawt.dll",s
mRun: [tuvsposys] rundll32.exe "yabawt.dll",s
mRun: [opqpomsys] rundll32.exe "yabawt.dll",s
mRun: [mliijhsys] rundll32.exe "yabawt.dll",s
mRun: [efcawvsys] rundll32.exe "yabawt.dll",s
mRun: [khedbbsys] rundll32.exe "yabawt.dll",s
mRun: [iiiiiisys] rundll32.exe "yabawt.dll",s
mRun: [iiffecsys] rundll32.exe "yabawt.dll",s
mRun: [tutromsys] rundll32.exe "yabawt.dll",s
mRun: [rqonnnsys] rundll32.exe "yabawt.dll",s
mRun: [pmnomksys] rundll32.exe "yabawt.dll",s
mRun: [qonkjhsys] rundll32.exe "yabawt.dll",s
mRun: [bywxvtsys] rundll32.exe "yabawt.dll",s
mRun: [rqppqrsys] rundll32.exe "yabawt.dll",s
mRun: [efdayxsys] rundll32.exe "yabawt.dll",s
mRun: [xxxuvtsys] rundll32.exe "yabawt.dll",s
mRun: [hgfedasys] rundll32.exe "yabawt.dll",s
mRun: [mlkhecsys] rundll32.exe "yabawt.dll",s
mRun: [efdecbsys] rundll32.exe "yabawt.dll",s
mRun: [nnmmlmsys] rundll32.exe "yabawt.dll",s
mRun: [yaawuvsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtursys] rundll32.exe "yabawt.dll",s
mRun: [urrsposys] rundll32.exe "yabawt.dll",s
mRun: [khgfghsys] rundll32.exe "yabawt.dll",s
mRun: [fcbxussys] rundll32.exe "yabawt.dll",s
mRun: [awwwursys] rundll32.exe "yabawt.dll",s
mRun: [geecawsys] rundll32.exe "yabawt.dll",s
mRun: [mligdasys] rundll32.exe "yabawt.dll",s
mRun: [vturqrsys] rundll32.exe "yabawt.dll",s
mRun: [cbxyvssys] rundll32.exe "yabawt.dll",s
mRun: [awtqnosys] rundll32.exe "yabawt.dll",s
mRun: [tusqpmsys] rundll32.exe "yabawt.dll",s
mRun: [nnklkksys] rundll32.exe "yabawt.dll",s
mRun: [tuvttssys] rundll32.exe "yabawt.dll",s
mRun: [gedcbcsys] rundll32.exe "yabawt.dll",s
mRun: [hggefcsys] rundll32.exe "yabawt.dll",s
mRun: [qomjkhsys] rundll32.exe "yabawt.dll",s
mRun: [rqrolmsys] rundll32.exe "yabawt.dll",s
mRun: [kheeffsys] rundll32.exe "yabawt.dll",s
mRun: [jkhiffsys] rundll32.exe "yabawt.dll",s
mRun: [tutssqsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjjisys] rundll32.exe "yabawt.dll",s
mRun: [gebbaasys] rundll32.exe "yabawt.dll",s
mRun: [urppnksys] rundll32.exe "yabawt.dll",s
mRun: [urssrqsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnkksys] rundll32.exe "yabawt.dll",s
mRun: [mlkiigsys] rundll32.exe "yabawt.dll",s
mRun: [iihhedsys] rundll32.exe "yabawt.dll",s
mRun: [vttqrrsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfcysys] rundll32.exe "yabawt.dll",s
mRun: [khgdaasys] rundll32.exe "yabawt.dll",s
mRun: [awwxyvsys] rundll32.exe "yabawt.dll",s
mRun: [opqomjsys] rundll32.exe "yabawt.dll",s
mRun: [wvwxursys] rundll32.exe "yabawt.dll",s
mRun: [cbbcaxsys] rundll32.exe "yabawt.dll",s
mRun: [fcbyywsys] rundll32.exe "yabawt.dll",s
mRun: [mlihhesys] rundll32.exe "yabawt.dll",s
mRun: [awtrrssys] rundll32.exe "yabawt.dll",s
mRun: [effcyysys] rundll32.exe "yabawt.dll",s
mRun: [iiihgfsys] rundll32.exe "yabawt.dll",s
mRun: [dddefdsys] rundll32.exe "yabawt.dll",s
mRun: [rqomlksys] rundll32.exe "yabawt.dll",s
mRun: [rqrppqsys] rundll32.exe "yabawt.dll",s
mRun: [fccabasys] rundll32.exe "yabawt.dll",s
mRun: [pmnnkhsys] rundll32.exe "yabawt.dll",s
mRun: [ddawxysys] rundll32.exe "yabawt.dll",s
mRun: [vtuvstsys] rundll32.exe "yabawt.dll",s
mRun: [bywwtqsys] rundll32.exe "yabawt.dll",s
mRun: [urpqrosys] rundll32.exe "yabawt.dll",s
mRun: [rqpooosys] rundll32.exe "yabawt.dll",s
mRun: [khiffgsys] rundll32.exe "yabawt.dll",s
mRun: [efcyaxsys] rundll32.exe "yabawt.dll",s
mRun: [iihiihsys] rundll32.exe "yabawt.dll",s
mRun: [ddbcyvsys] rundll32.exe "yabawt.dll",s
mRun: [nnmljjsys] rundll32.exe "yabawt.dll",s
mRun: [xxyvwusys] rundll32.exe "yabawt.dll",s
mRun: [khgeeesys] rundll32.exe "yabawt.dll",s
mRun: [opqpqnsys] rundll32.exe "yabawt.dll",s
mRun: [nnkkihsys] rundll32.exe "yabawt.dll",s
mRun: [hgddbxsys] rundll32.exe "yabawt.dll",s
mRun: [tuvsrpsys] rundll32.exe "yabawt.dll",s
mRun: [wvtsrssys] rundll32.exe "yabawt.dll",s
mRun: [efcaywsys] rundll32.exe "yabawt.dll",s
mRun: [fcbaxwsys] rundll32.exe "yabawt.dll",s
mRun: [fccyvtsys] rundll32.exe "yabawt.dll",s
mRun: [kheddcsys] rundll32.exe "yabawt.dll",s
mRun: [iiffgdsys] rundll32.exe "yabawt.dll",s
mRun: [fcyywwsys] rundll32.exe "yabawt.dll",s
mRun: [jkkkhisys] rundll32.exe "yabawt.dll",s
mRun: [tutrqnsys] rundll32.exe "yabawt.dll",s
mRun: [ssqpmnsys] rundll32.exe "yabawt.dll",s
mRun: [pmnoolsys] rundll32.exe "yabawt.dll",s
mRun: [ursrpnsys] rundll32.exe "yabawt.dll",s
mRun: [geedcdsys] rundll32.exe "yabawt.dll",s
mRun: [qonklisys] rundll32.exe "yabawt.dll",s
mRun: [pmkihisys] rundll32.exe "yabawt.dll",s
mRun: [bywxxusys] rundll32.exe "yabawt.dll",s
mRun: [ljkljgsys] rundll32.exe "yabawt.dll",s
mRun: [mlkhgdsys] rundll32.exe "yabawt.dll",s
mRun: [efdeecsys] rundll32.exe "yabawt.dll",s
mRun: [nnmmnnsys] rundll32.exe "yabawt.dll",s
mRun: [yaawwwsys] rundll32.exe "yabawt.dll",s
mRun: [pmlijksys] rundll32.exe "yabawt.dll",s
mRun: [urrsrpsys] rundll32.exe "yabawt.dll",s
mRun: [fcbxwtsys] rundll32.exe "yabawt.dll",s
mRun: [vtursssys] rundll32.exe "yabawt.dll",s
mRun: [awtqppsys] rundll32.exe "yabawt.dll",s
mRun: [nnklmlsys] rundll32.exe "yabawt.dll",s
mRun: [iiigecsys] rundll32.exe "yabawt.dll",s
mRun: [dddddasys] rundll32.exe "yabawt.dll",s
mRun: [gedcddsys] rundll32.exe "yabawt.dll",s
mRun: [rqoljhsys] rundll32.exe "yabawt.dll",s
mRun: [rqronnsys] rundll32.exe "yabawt.dll",s
mRun: [ljggefsys] rundll32.exe "yabawt.dll",s
mRun: [jkkllmsys] rundll32.exe "yabawt.dll",s
mRun: [jkhihgsys] rundll32.exe "yabawt.dll",s
mRun: [ssqqqrsys] rundll32.exe "yabawt.dll",s
mRun: [ursstrsys] rundll32.exe "yabawt.dll",s
mRun: [gebbcbsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnmlsys] rundll32.exe "yabawt.dll",s
mRun: [iihhgesys] rundll32.exe "yabawt.dll",s
mRun: [nnmkhgsys] rundll32.exe "yabawt.dll",s
mRun: [wvvsqrsys] rundll32.exe "yabawt.dll",s
mRun: [khgdcbsys] rundll32.exe "yabawt.dll",s
mRun: [cbbccysys] rundll32.exe "yabawt.dll",s
mRun: [nnkjgesys] rundll32.exe "yabawt.dll",s
mRun: [wvtrppsys] rundll32.exe "yabawt.dll",s
mRun: [fcyxutsys] rundll32.exe "yabawt.dll",s
mRun: [effgedsys] rundll32.exe "yabawt.dll",s
mRun: [iiihigsys] rundll32.exe "yabawt.dll",s
mRun: [rqomnlsys] rundll32.exe "yabawt.dll",s
mRun: [ljghijsys] rundll32.exe "yabawt.dll",s
mRun: [nnoonosys] rundll32.exe "yabawt.dll",s
mRun: [geecaasys] rundll32.exe "yabawt.dll",s
mRun: [ursqnksys] rundll32.exe "yabawt.dll",s
mRun: [fccbyxsys] rundll32.exe "yabawt.dll",s
mRun: [pmkhffsys] rundll32.exe "yabawt.dll",s
mRun: [vtrsqosys] rundll32.exe "yabawt.dll",s
mRun: [hgdedesys] rundll32.exe "yabawt.dll",s
mRun: [vtuvuusys] rundll32.exe "yabawt.dll",s
mRun: [ssrqnosys] rundll32.exe "yabawt.dll",s
mRun: [jkjkhhsys] rundll32.exe "yabawt.dll",s
mRun: [nnmllksys] rundll32.exe "yabawt.dll",s
mRun: [wvvtuvsys] rundll32.exe "yabawt.dll",s
mRun: [ljigdesys] rundll32.exe "yabawt.dll",s
mRun: [urrrpmsys] rundll32.exe "yabawt.dll",s
mRun: [tuvstqsys] rundll32.exe "yabawt.dll",s
mRun: [nnkkkisys] rundll32.exe "yabawt.dll",s
mRun: [cbxustsys] rundll32.exe "yabawt.dll",s
mRun: [gedbbasys] rundll32.exe "yabawt.dll",s
mRun: [wvtsttsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfccsys] rundll32.exe "yabawt.dll",s
mRun: [fccyxusys] rundll32.exe "yabawt.dll",s
mRun: [fcyyyxsys] rundll32.exe "yabawt.dll",s
mRun: [jkhhfdsys] rundll32.exe "yabawt.dll",s
mRun: [jkkkjjsys] rundll32.exe "yabawt.dll",s
mRun: [ssqpoosys] rundll32.exe "yabawt.dll",s
mRun: [qopqnlsys] rundll32.exe "yabawt.dll",s
mRun: [ursrrosys] rundll32.exe "yabawt.dll",s
mRun: [fcbyyasys] rundll32.exe "yabawt.dll",s
mRun: [cbbcabsys] rundll32.exe "yabawt.dll",s
mRun: [geedeesys] rundll32.exe "yabawt.dll",s
mRun: [pmkijjsys] rundll32.exe "yabawt.dll",s
mRun: [rqpmkisys] rundll32.exe "yabawt.dll",s
mRun: [ddbcbxsys] rundll32.exe "yabawt.dll",s
mRun: [ssrrrssys] rundll32.exe "yabawt.dll",s
mRun: [iihgebsys] rundll32.exe "yabawt.dll",s
mRun: [opoomnsys] rundll32.exe "yabawt.dll",s
mRun: [efcabysys] rundll32.exe "yabawt.dll",s
mRun: [hggebxsys] rundll32.exe "yabawt.dll",s
mRun: [urrstqsys] rundll32.exe "yabawt.dll",s
mRun: [fcbaaysys] rundll32.exe "yabawt.dll",s
mRun: [ljihhisys] rundll32.exe "yabawt.dll",s
mRun: [byyyvssys] rundll32.exe "yabawt.dll",s
mRun: [wvtqnmsys] rundll32.exe "yabawt.dll",s
mRun: [awtqrqsys] rundll32.exe "yabawt.dll",s
mRun: [wvwtrssys] rundll32.exe "yabawt.dll",s
mRun: [opmnllsys] rundll32.exe "yabawt.dll",s
mRun: [cbxvwxsys] rundll32.exe "yabawt.dll",s
mRun: [efcyabsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvstsys] rundll32.exe "yabawt.dll",s
mRun: [efffcasys] rundll32.exe "yabawt.dll",s
mRun: [iiiggdsys] rundll32.exe "yabawt.dll",s
mRun: [rqollisys] rundll32.exe "yabawt.dll",s
mRun: [rqroposys] rundll32.exe "yabawt.dll",s
mRun: [nnonllsys] rundll32.exe "yabawt.dll",s
mRun: [ljggggsys] rundll32.exe "yabawt.dll",s
mRun: [jkhijhsys] rundll32.exe "yabawt.dll",s
mRun: [fccawusys] rundll32.exe "yabawt.dll",s
mRun: [vtrrolsys] rundll32.exe "yabawt.dll",s
mRun: [hgddbbsys] rundll32.exe "yabawt.dll",s
mRun: [vtuusrsys] rundll32.exe "yabawt.dll",s
mRun: [fcyaxxsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnomsys] rundll32.exe "yabawt.dll",s
mRun: [efcayasys] rundll32.exe "yabawt.dll",s
mRun: [awuvsssys] rundll32.exe "yabawt.dll",s
mRun: [iihhifsys] rundll32.exe "yabawt.dll",s
mRun: [nnmkjhsys] rundll32.exe "yabawt.dll",s
mRun: [wvvssssys] rundll32.exe "yabawt.dll",s
mRun: [khgdecsys] rundll32.exe "yabawt.dll",s
mRun: [opopqrsys] rundll32.exe "yabawt.dll",s
mRun: [dddebysys] rundll32.exe "yabawt.dll",s
mRun: [nnkjifsys] rundll32.exe "yabawt.dll",s
mRun: [wvwuvwsys] rundll32.exe "yabawt.dll",s
mRun: [wvtrrqsys] rundll32.exe "yabawt.dll",s
mRun: [byvtstsys] rundll32.exe "yabawt.dll",s
mRun: [khecdasys] rundll32.exe "yabawt.dll",s
mRun: [yaxwwxsys] rundll32.exe "yabawt.dll",s
mRun: [jkhgdasys] rundll32.exe "yabawt.dll",s
mRun: [effggesys] rundll32.exe "yabawt.dll",s
mRun: [jkkjhgsys] rundll32.exe "yabawt.dll",s
mRun: [fcyxwusys] rundll32.exe "yabawt.dll",s
mRun: [ssqomlsys] rundll32.exe "yabawt.dll",s
mRun: [cbyvtusys] rundll32.exe "yabawt.dll",s
mRun: [nnooppsys] rundll32.exe "yabawt.dll",s
mRun: [sstrqrsys] rundll32.exe "yabawt.dll",s
mRun: [geeccbsys] rundll32.exe "yabawt.dll",s
mRun: [pmkhhgsys] rundll32.exe "yabawt.dll",s
mRun: [pmnklmsys] rundll32.exe "yabawt.dll",s
mRun: [vtuvwvsys] rundll32.exe "yabawt.dll",s
mRun: [hgdeffsys] rundll32.exe "yabawt.dll",s
mRun: [vtrsspsys] rundll32.exe "yabawt.dll",s
mRun: [ssrqppsys] rundll32.exe "yabawt.dll",s
mRun: [bywtuvsys] rundll32.exe "yabawt.dll",s
mRun: [ljkhghsys] rundll32.exe "yabawt.dll",s
mRun: [oponkksys] rundll32.exe "yabawt.dll",s
mRun: [jkjkjisys] rundll32.exe "yabawt.dll",s
mRun: [ljigffsys] rundll32.exe "yabawt.dll",s
mRun: [opmmjisys] rundll32.exe "yabawt.dll",s
mRun: [iiffcysys] rundll32.exe "yabawt.dll",s
mRun: [cbxuuusys] rundll32.exe "yabawt.dll",s
mRun: [xxvustsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfedsys] rundll32.exe "yabawt.dll",s
mRun: [gedcyxsys] rundll32.exe "yabawt.dll",s
mRun: [nnomjisys] rundll32.exe "yabawt.dll",s
mRun: [jkkklksys] rundll32.exe "yabawt.dll",s
mRun: [jkhhhesys] rundll32.exe "yabawt.dll",s
mRun: [cbywxysys] rundll32.exe "yabawt.dll",s
mRun: [ssqpqpsys] rundll32.exe "yabawt.dll",s
mRun: [hggfdesys] rundll32.exe "yabawt.dll",s
mRun: [vtutqosys] rundll32.exe "yabawt.dll",s
mRun: [qopqpmsys] rundll32.exe "yabawt.dll",s
mRun: [cbbcccsys] rundll32.exe "yabawt.dll",s
mRun: [qomkijsys] rundll32.exe "yabawt.dll",s
mRun: [gebbxvsys] rundll32.exe "yabawt.dll",s
mRun: [rqpmmjsys] rundll32.exe "yabawt.dll",s
mRun: [mlmnkhsys] rundll32.exe "yabawt.dll",s
mRun: [nnmjhesys] rundll32.exe "yabawt.dll",s
mRun: [opoooosys] rundll32.exe "yabawt.dll",s
mRun: [fccyawsys] rundll32.exe "yabawt.dll",s
mRun: [vttusqsys] rundll32.exe "yabawt.dll",s
mRun: [wvwtttsys] rundll32.exe "yabawt.dll",s
mRun: [byvsqqsys] rundll32.exe "yabawt.dll",s
mRun: [wvtqpnsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvuusys] rundll32.exe "yabawt.dll",s
mRun: [opmnnmsys] rundll32.exe "yabawt.dll",s
mRun: [efffebsys] rundll32.exe "yabawt.dll",s
mRun: [jkkifdsys] rundll32.exe "yabawt.dll",s
mRun: [fcywursys] rundll32.exe "yabawt.dll",s
mRun: [xxvvwxsys] rundll32.exe "yabawt.dll",s
mRun: [sstqoosys] rundll32.exe "yabawt.dll",s
mRun: [mliifgsys] rundll32.exe "yabawt.dll",s
mRun: [ssqnkisys] rundll32.exe "yabawt.dll",s
mRun: [nnonnmsys] rundll32.exe "yabawt.dll",s
mRun: [tussrssys] rundll32.exe "yabawt.dll",s
mRun: [fccayvsys] rundll32.exe "yabawt.dll",s
mRun: [hgdddcsys] rundll32.exe "yabawt.dll",s
mRun: [cbbyvtsys] rundll32.exe "yabawt.dll",s
mRun: [hggghisys] rundll32.exe "yabawt.dll",s
mRun: [vtuuussys] rundll32.exe "yabawt.dll",s
mRun: [ssrpnmsys] rundll32.exe "yabawt.dll",s
mRun: [qomlmnsys] rundll32.exe "yabawt.dll",s
mRun: [awuvutsys] rundll32.exe "yabawt.dll",s
mRun: [nnmklisys] rundll32.exe "yabawt.dll",s
mRun: [jkjjhfsys] rundll32.exe "yabawt.dll",s
mRun: [khijgfsys] rundll32.exe "yabawt.dll",s
mRun: [xxxurssys] rundll32.exe "yabawt.dll",s
mRun: [ljifdcsys] rundll32.exe "yabawt.dll",s
mRun: [ddbcbbsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtqqsys] rundll32.exe "yabawt.dll",s
mRun: [byvtuusys] rundll32.exe "yabawt.dll",s
mRun: [ljgecasys] rundll32.exe "yabawt.dll",s
mRun: [byyawtsys] rundll32.exe "yabawt.dll",s
mRun: [jkkjjhsys] rundll32.exe "yabawt.dll",s
mRun: [fcyxyvsys] rundll32.exe "yabawt.dll",s
mRun: [cbyvvvsys] rundll32.exe "yabawt.dll",s
mRun: [mlijjksys] rundll32.exe "yabawt.dll",s
mRun: [opqqopsys] rundll32.exe "yabawt.dll",s
mRun: [efcabcsys] rundll32.exe "yabawt.dll",s
mRun: [sstrsssys] rundll32.exe "yabawt.dll",s
mRun: [ssqoomsys] rundll32.exe "yabawt.dll",s
mRun: [hggebbsys] rundll32.exe "yabawt.dll",s
mRun: [qomjggsys] rundll32.exe "yabawt.dll",s
mRun: [iifgefsys] rundll32.exe "yabawt.dll",s
mRun: [wvturpsys] rundll32.exe "yabawt.dll",s
mRun: [ssrqrqsys] rundll32.exe "yabawt.dll",s
mRun: [ljkhiisys] rundll32.exe "yabawt.dll",s
mRun: [qonljksys] rundll32.exe "yabawt.dll",s
mRun: [oponmlsys] rundll32.exe "yabawt.dll",s
mRun: [jkjkljsys] rundll32.exe "yabawt.dll",s
mRun: [xxxvvwsys] rundll32.exe "yabawt.dll",s
mRun: [vtttqnsys] rundll32.exe "yabawt.dll",s
mRun: [ljighgsys] rundll32.exe "yabawt.dll",s
mRun: [hgffddsys] rundll32.exe "yabawt.dll",s
mRun: [khedbysys] rundll32.exe "yabawt.dll",s
mRun: [yaxusrsys] rundll32.exe "yabawt.dll",s
mRun: [opmmljsys] rundll32.exe "yabawt.dll",s
mRun: [pmlmkjsys] rundll32.exe "yabawt.dll",s
mRun: [xxvuuusys] rundll32.exe "yabawt.dll",s
mRun: [efcyvvsys] rundll32.exe "yabawt.dll",s
mRun: [nnomljsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfgesys] rundll32.exe "yabawt.dll",s
mRun: [awwxuusys] rundll32.exe "yabawt.dll",s
mRun: [dddaxysys] rundll32.exe "yabawt.dll",s
mRun: [tusrppsys] rundll32.exe "yabawt.dll",s
mRun: [opqrstsys] rundll32.exe "yabawt.dll",s
mRun: [vtutspsys] rundll32.exe "yabawt.dll",s
mRun: [hggfffsys] rundll32.exe "yabawt.dll",s
mRun: [dddebcsys] rundll32.exe "yabawt.dll",s
mRun: [qomkkksys] rundll32.exe "yabawt.dll",s
mRun: [ssroljsys] rundll32.exe "yabawt.dll",s
mRun: [efdecysys] rundll32.exe "yabawt.dll",s
mRun: [tuttstsys] rundll32.exe "yabawt.dll",s
mRun: [awuusqsys] rundll32.exe "yabawt.dll",s
mRun: [urpqnnsys] rundll32.exe "yabawt.dll",s
mRun: [jkjifcsys] rundll32.exe "yabawt.dll",s
mRun: [qonmnosys] rundll32.exe "yabawt.dll",s
mRun: [mlkjijsys] rundll32.exe "yabawt.dll",s
mRun: [vttuursys] rundll32.exe "yabawt.dll",s
mRun: [byvssrsys] rundll32.exe "yabawt.dll",s
mRun: [byyvwxsys] rundll32.exe "yabawt.dll",s
mRun: [wvtqrosys] rundll32.exe "yabawt.dll",s
mRun: [xxyvstsys] rundll32.exe "yabawt.dll",s
mRun: [yaxvwvsys] rundll32.exe "yabawt.dll",s
mRun: [jkkihesys] rundll32.exe "yabawt.dll",s
mRun: [gebbaxsys] rundll32.exe "yabawt.dll",s
mRun: [opqpmmsys] rundll32.exe "yabawt.dll",s
mRun: [mliihhsys] rundll32.exe "yabawt.dll",s
mRun: [sstqqpsys] rundll32.exe "yabawt.dll",s
mRun: [ssqnmjsys] rundll32.exe "yabawt.dll",s
mRun: [tussttsys] rundll32.exe "yabawt.dll",s
mRun: [iiffccsys] rundll32.exe "yabawt.dll",s
mRun: [cbbyxusys] rundll32.exe "yabawt.dll",s
mRun: [ssrppnsys] rundll32.exe "yabawt.dll",s
mRun: [vtropqsys] rundll32.exe "yabawt.dll",s
mRun: [khgdaxsys] rundll32.exe "yabawt.dll",s
mRun: [qonkhhsys] rundll32.exe "yabawt.dll",s
mRun: [opomkisys] rundll32.exe "yabawt.dll",s
mRun: [jkjjjgsys] rundll32.exe "yabawt.dll",s
mRun: [awuvwusys] rundll32.exe "yabawt.dll",s
mRun: [khijigsys] rundll32.exe "yabawt.dll",s
mRun: [efdawxsys] rundll32.exe "yabawt.dll",s
mRun: [xxxuttsys] rundll32.exe "yabawt.dll",s
mRun: [ljiffdsys] rundll32.exe "yabawt.dll",s
mRun: [hgfebasys] rundll32.exe "yabawt.dll",s
mRun: [ddbcdcsys] rundll32.exe "yabawt.dll",s
mRun: [opmljgsys] rundll32.exe "yabawt.dll",s
mRun: [pmlligsys] rundll32.exe "yabawt.dll",s
mRun: [xxywwxsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtsrsys] rundll32.exe "yabawt.dll",s
mRun: [fccabxsys] rundll32.exe "yabawt.dll",s
mRun: [nnoljgsys] rundll32.exe "yabawt.dll",s
mRun: [ljgeebsys] rundll32.exe "yabawt.dll",s
mRun: [gedbyvsys] rundll32.exe "yabawt.dll",s
mRun: [tusqnmsys] rundll32.exe "yabawt.dll",s
mRun: [tuvtrssys] rundll32.exe "yabawt.dll",s
mRun: [opqqqqsys] rundll32.exe "yabawt.dll",s
mRun: [fccyaasys] rundll32.exe "yabawt.dll",s
mRun: [hggedcsys] rundll32.exe "yabawt.dll",s
mRun: [cbbbcasys] rundll32.exe "yabawt.dll",s
mRun: [qopmmnsys] rundll32.exe "yabawt.dll",s
mRun: [qomjihsys] rundll32.exe "yabawt.dll",s
mRun: [wvtutqsys] rundll32.exe "yabawt.dll",s
mRun: [iifgggsys] rundll32.exe "yabawt.dll",s
mRun: [tutsqqsys] rundll32.exe "yabawt.dll",s
mRun: [ursspqsys] rundll32.exe "yabawt.dll",s
mRun: [awutqnsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjhisys] rundll32.exe "yabawt.dll",s
mRun: [qonlllsys] rundll32.exe "yabawt.dll",s
mRun: [oponomsys] rundll32.exe "yabawt.dll",s
mRun: [hgfffesys] rundll32.exe "yabawt.dll",s
mRun: [mlkiggsys] rundll32.exe "yabawt.dll",s
mRun: [opmmnksys] rundll32.exe "yabawt.dll",s
mRun: [yaxuussys] rundll32.exe "yabawt.dll",s
mRun: [efcyxwsys] rundll32.exe "yabawt.dll",s
mRun: [pmlmmksys] rundll32.exe "yabawt.dll",s
mRun: [fcbywwsys] rundll32.exe "yabawt.dll",s
mRun: [mlihfesys] rundll32.exe "yabawt.dll",s
mRun: [awtuspsys] rundll32.exe "yabawt.dll",s
mRun: [awwxwvsys] rundll32.exe "yabawt.dll",s
mRun: [nnomnksys] rundll32.exe "yabawt.dll",s
mRun: [tusrrqsys] rundll32.exe "yabawt.dll",s
mRun: [tuvuvwsys] rundll32.exe "yabawt.dll",s
mRun: [dddeddsys] rundll32.exe "yabawt.dll",s
mRun: [yabccasys] rundll32.exe "yabawt.dll",s
mRun: [rqrsqnsys] rundll32.exe "yabawt.dll",s
mRun: [hgdcdasys] rundll32.exe "yabawt.dll",s
mRun: [iiihefsys] rundll32.exe "yabawt.dll",s
mRun: [rqomjksys] rundll32.exe "yabawt.dll",s
mRun: [ssronksys] rundll32.exe "yabawt.dll",s
mRun: [tuttuusys] rundll32.exe "yabawt.dll",s
mRun: [awuuursys] rundll32.exe "yabawt.dll",s
mRun: [ursttusys] rundll32.exe "yabawt.dll",s
mRun: [mlmklmsys] rundll32.exe "yabawt.dll",s
mRun: [opolifsys] rundll32.exe "yabawt.dll",s
mRun: [urpqposys] rundll32.exe "yabawt.dll",s
mRun: [khiigdsys] rundll32.exe "yabawt.dll",s
mRun: [mlkjkksys] rundll32.exe "yabawt.dll",s
mRun: [iihighsys] rundll32.exe "yabawt.dll",s
mRun: [wvvwtrsys] rundll32.exe "yabawt.dll",s
mRun: [xxvsqosys] rundll32.exe "yabawt.dll",s
mRun: [xxyvuusys] rundll32.exe "yabawt.dll",s
mRun: [gebbcysys] rundll32.exe "yabawt.dll",s
mRun: [opqponsys] rundll32.exe "yabawt.dll",s
mRun: [mliijisys] rundll32.exe "yabawt.dll",s
mRun: [tuvsppsys] rundll32.exe "yabawt.dll",s
mRun: [efcawwsys] rundll32.exe "yabawt.dll",s
mRun: [khedbcsys] rundll32.exe "yabawt.dll",s
mRun: [iiiiijsys] rundll32.exe "yabawt.dll",s
mRun: [iiffedsys] rundll32.exe "yabawt.dll",s
mRun: [tutronsys] rundll32.exe "yabawt.dll",s
mRun: [rqonnosys] rundll32.exe "yabawt.dll",s
mRun: [pmklifsys] rundll32.exe "yabawt.dll",s
mRun: [pmnomlsys] rundll32.exe "yabawt.dll",s
mRun: [qonkjisys] rundll32.exe "yabawt.dll",s
mRun: [khgdcysys] rundll32.exe "yabawt.dll",s
mRun: [opommjsys] rundll32.exe "yabawt.dll",s
mRun: [bywxvusys] rundll32.exe "yabawt.dll",s
mRun: [xxxuvusys] rundll32.exe "yabawt.dll",s
mRun: [efdayysys] rundll32.exe "yabawt.dll",s
mRun: [khijkhsys] rundll32.exe "yabawt.dll",s
mRun: [hgfedbsys] rundll32.exe "yabawt.dll",s
mRun: [mlkhedsys] rundll32.exe "yabawt.dll",s
mRun: [efdeccsys] rundll32.exe "yabawt.dll",s
mRun: [pmllkhsys] rundll32.exe "yabawt.dll",s
mRun: [xxvtussys] rundll32.exe "yabawt.dll",s
mRun: [fcbxutsys] rundll32.exe "yabawt.dll",s
mRun: [mligdbsys] rundll32.exe "yabawt.dll",s
mRun: [urrsppsys] rundll32.exe "yabawt.dll",s
mRun: [geecaxsys] rundll32.exe "yabawt.dll",s
mRun: [awwwussys] rundll32.exe "yabawt.dll",s
mRun: [cbxyvtsys] rundll32.exe "yabawt.dll",s
mRun: [cbbyawsys] rundll32.exe "yabawt.dll",s
mRun: [tuvtttsys] rundll32.exe "yabawt.dll",s
mRun: [nnklklsys] rundll32.exe "yabawt.dll",s
mRun: [tusqpnsys] rundll32.exe "yabawt.dll",s
mRun: [hggefdsys] rundll32.exe "yabawt.dll",s
mRun: [ddddbasys] rundll32.exe "yabawt.dll",s
mRun: [qomjkisys] rundll32.exe "yabawt.dll",s
mRun: [kheefgsys] rundll32.exe "yabawt.dll",s
mRun: [jkhifgsys] rundll32.exe "yabawt.dll",s
mRun: [tutssrsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjjjsys] rundll32.exe "yabawt.dll",s
mRun: [urssrrsys] rundll32.exe "yabawt.dll",s
mRun: [urppnlsys] rundll32.exe "yabawt.dll",s
mRun: [gebbabsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnklsys] rundll32.exe "yabawt.dll",s
mRun: [iihheesys] rundll32.exe "yabawt.dll",s
mRun: [gedbbxsys] rundll32.exe "yabawt.dll",s
mRun: [mlkiihsys] rundll32.exe "yabawt.dll",s
mRun: [vttqrssys] rundll32.exe "yabawt.dll",s
mRun: [khgdabsys] rundll32.exe "yabawt.dll",s
mRun: [awwxywsys] rundll32.exe "yabawt.dll",s
mRun: [wvwxussys] rundll32.exe "yabawt.dll",s
mRun: [opqomksys] rundll32.exe "yabawt.dll",s
mRun: [mlihhfsys] rundll32.exe "yabawt.dll",s
mRun: [cbbcaysys] rundll32.exe "yabawt.dll",s
mRun: [fcbyyxsys] rundll32.exe "yabawt.dll",s
mRun: [dddefesys] rundll32.exe "yabawt.dll",s
mRun: [iiihggsys] rundll32.exe "yabawt.dll",s
mRun: [iifecasys] rundll32.exe "yabawt.dll",s
mRun: [rqomllsys] rundll32.exe "yabawt.dll",s
mRun: [fccabbsys] rundll32.exe "yabawt.dll",s
mRun: [pmnnkisys] rundll32.exe "yabawt.dll",s
mRun: [urpqrpsys] rundll32.exe "yabawt.dll",s
mRun: [bywwtrsys] rundll32.exe "yabawt.dll",s
mRun: [rqpoopsys] rundll32.exe "yabawt.dll",s
mRun: [efcyaysys] rundll32.exe "yabawt.dll",s
mRun: [wvvwvssys] rundll32.exe "yabawt.dll",s
mRun: [iihiiisys] rundll32.exe "yabawt.dll",s
mRun: [nnmljksys] rundll32.exe "yabawt.dll",s
mRun: [ddbcywsys] rundll32.exe "yabawt.dll",s
mRun: [xxyvwvsys] rundll32.exe "yabawt.dll",s
mRun: [xxvsspsys] rundll32.exe "yabawt.dll",s
mRun: [khgeefsys] rundll32.exe "yabawt.dll",s
mRun: [awwvspsys] rundll32.exe "yabawt.dll",s
mRun: [tuvsrqsys] rundll32.exe "yabawt.dll",s
mRun: [hgddbysys] rundll32.exe "yabawt.dll",s
mRun: [tuspnksys] rundll32.exe "yabawt.dll",s
mRun: [opqpqosys] rundll32.exe "yabawt.dll",s
mRun: [nnkkiisys] rundll32.exe "yabawt.dll",s
mRun: [hggddasys] rundll32.exe "yabawt.dll",s
mRun: [efcayxsys] rundll32.exe "yabawt.dll",s
mRun: [khedddsys] rundll32.exe "yabawt.dll",s
mRun: [fcbaxxsys] rundll32.exe "yabawt.dll",s
mRun: [cbbbxusys] rundll32.exe "yabawt.dll",s
mRun: [fccyvusys] rundll32.exe "yabawt.dll",s
mRun: [fcyywxsys] rundll32.exe "yabawt.dll",s
mRun: [iiffgesys] rundll32.exe "yabawt.dll",s
mRun: [tutrqosys] rundll32.exe "yabawt.dll",s
mRun: [ursrposys] rundll32.exe "yabawt.dll",s
mRun: [pmnoomsys] rundll32.exe "yabawt.dll",s
mRun: [urpolisys] rundll32.exe "yabawt.dll",s
mRun: [qonkljsys] rundll32.exe "yabawt.dll",s
mRun: [bywxxvsys] rundll32.exe "yabawt.dll",s
mRun: [ljkljhsys] rundll32.exe "yabawt.dll",s
mRun: [mlkhgesys] rundll32.exe "yabawt.dll",s
mRun: [hgfefcsys] rundll32.exe "yabawt.dll",s
mRun: [efdeedsys] rundll32.exe "yabawt.dll",s
mRun: [nnmmnosys] rundll32.exe "yabawt.dll",s
mRun: [yaawwxsys] rundll32.exe "yabawt.dll",s
mRun: [opqnkhsys] rundll32.exe "yabawt.dll",s
mRun: [fcbxwusys] rundll32.exe "yabawt.dll",s
mRun: [mligfcsys] rundll32.exe "yabawt.dll",s
mRun: [urrsrqsys] rundll32.exe "yabawt.dll",s
mRun: [geeccysys] rundll32.exe "yabawt.dll",s
mRun: [awwwwtsys] rundll32.exe "yabawt.dll",s
mRun: [vturstsys] rundll32.exe "yabawt.dll",s
mRun: [awtqpqsys] rundll32.exe "yabawt.dll",s
mRun: [cbxyxusys] rundll32.exe "yabawt.dll",s
mRun: [tusqrosys] rundll32.exe "yabawt.dll",s
mRun: [nnklmmsys] rundll32.exe "yabawt.dll",s
mRun: [dddddbsys] rundll32.exe "yabawt.dll",s
mRun: [iiigedsys] rundll32.exe "yabawt.dll",s
mRun: [gedcdesys] rundll32.exe "yabawt.dll",s
mRun: [rqoljisys] rundll32.exe "yabawt.dll",s
mRun: [rqronosys] rundll32.exe "yabawt.dll",s
mRun: [jkhihhsys] rundll32.exe "yabawt.dll",s
mRun: [gebbccsys] rundll32.exe "yabawt.dll",s
mRun: [ursstssys] rundll32.exe "yabawt.dll",s
mRun: [urpppmsys] rundll32.exe "yabawt.dll",s
mRun: [rqpnmmsys] rundll32.exe "yabawt.dll",s
mRun: [iihhgfsys] rundll32.exe "yabawt.dll",s
mRun: [nnmkhhsys] rundll32.exe "yabawt.dll",s
mRun: [khgdccsys] rundll32.exe "yabawt.dll",s
mRun: [wvwxwtsys] rundll32.exe "yabawt.dll",s
mRun: [nnkjgfsys] rundll32.exe "yabawt.dll",s
mRun: [byvwtqsys] rundll32.exe "yabawt.dll",s
mRun: [opqoolsys] rundll32.exe "yabawt.dll",s
mRun: [wvtrpqsys] rundll32.exe "yabawt.dll",s
mRun: [khecbasys] rundll32.exe "yabawt.dll",s
mRun: [fcyxuusys] rundll32.exe "yabawt.dll",s
mRun: [effgeesys] rundll32.exe "yabawt.dll",s
mRun: [ssturosys] rundll32.exe "yabawt.dll",s
mRun: [iiihihsys] rundll32.exe "yabawt.dll",s
mRun: [iifeebsys] rundll32.exe "yabawt.dll",s
mRun: [tutqolsys] rundll32.exe "yabawt.dll",s
mRun: [rqomnmsys] rundll32.exe "yabawt.dll",s
mRun: [geecabsys] rundll32.exe "yabawt.dll",s
mRun: [pmnnmjsys] rundll32.exe "yabawt.dll",s
mRun: [ursqnlsys] rundll32.exe "yabawt.dll",s
mRun: [fccbyysys] rundll32.exe "yabawt.dll",s
mRun: [pmkhfgsys] rundll32.exe "yabawt.dll",s
mRun: [cbbyaasys] rundll32.exe "yabawt.dll",s
mRun: [vtrsqpsys] rundll32.exe "yabawt.dll",s
mRun: [vtuvuvsys] rundll32.exe "yabawt.dll",s
mRun: [bywwvssys] rundll32.exe "yabawt.dll",s
mRun: [ljkkhesys] rundll32.exe "yabawt.dll",s
mRun: [efddcasys] rundll32.exe "yabawt.dll",s
mRun: [nnmlllsys] rundll32.exe "yabawt.dll",s
mRun: [jkjkhisys] rundll32.exe "yabawt.dll",s
mRun: [urrrpnsys] rundll32.exe "yabawt.dll",s
mRun: [tuvstrsys] rundll32.exe "yabawt.dll",s
mRun: [nnkkkjsys] rundll32.exe "yabawt.dll",s
mRun: [byyabasys] rundll32.exe "yabawt.dll",s
mRun: [gedbbbsys] rundll32.exe "yabawt.dll",s
mRun: [wvtstusys] rundll32.exe "yabawt.dll",s
mRun: [iiifcasys] rundll32.exe "yabawt.dll",s
mRun: [fccyxvsys] rundll32.exe "yabawt.dll",s
mRun: [ljgfcdsys] rundll32.exe "yabawt.dll",s
mRun: [jkhhfesys] rundll32.exe "yabawt.dll",s
mRun: [jkkkjksys] rundll32.exe "yabawt.dll",s
mRun: [tutsposys] rundll32.exe "yabawt.dll",s
mRun: [rqooopsys] rundll32.exe "yabawt.dll",s
mRun: [mlmjggsys] rundll32.exe "yabawt.dll",s
mRun: [qonlkjsys] rundll32.exe "yabawt.dll",s
dRun: [qoppopsys] rundll32.exe "yabawt.dll",s
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dellne~1.lnk - c:\windows\installer\{0240bdfb-2995-4a3f-8c96-18d41282b716}\Icon0240BDFB3.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~2.lnk - c:\program files\common files\intuit\quickbooks\qbwebconnector\QBWebConnector.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} - hxxp://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photo2.walgreens.com/WalgreensActivia.cab
DPF: {40F8967E-34A6-474A-837A-CEC1E7DAC54C} - hxxps://accounting.quickbooks.com/c9/v16.548/qboax9.cab
DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - hxxp://picasaweb.google.com/s/v/55.16/uploader2.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} - hxxp://www.worldwinner.com/games/v63/bjattack/bja.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {843EE768-3A97-455C-9076-741BA3AD7B62} - hxxps://accounting.quickbooks.com/c9/v20.131/qboax10.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {8CE3BAE6-AB66-40B6-9019-41E5282FF1E2} - hxxps://accounting.quickbooks.com/c1/v12.318/qboax8.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} - hxxp://www.worldwinner.com/games/v57/wof/wof.cab
DPF: {C5C02C87-534E-4BCD-A007-54975CF8BBAF} - hxxps://achweb.carolinetools.com/COM/MOVEitUploadWizard3.4.2.ocx
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://tlr.webex.com/client/T26L/training/ieatgpc.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
Handler: g7ps - {9EACF0FB-4FC7-436E-989B-3197142AD979} - c:\program files\common files\g7ps\shared files\g7psdll\G7PS.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - c:\program files\intuit\quickbooks 2010\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-2-12 108392]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2009-2-12 108392]
R2 Symantec AntiVirus;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\Rtvscan.exe [2009-4-22 1768376]
S1 SASDIFSV;SASDIFSV;c:\docume~1\peggy\locals~1\temp\superantispyware\SASDIFSV.SYS [2010-10-3 12872]
S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\peggy\locals~1\temp\superantispyware\saskutil.sys --> c:\docume~1\peggy\locals~1\temp\superantispyware\SASKUTIL.SYS [?]
S2 psqlWGE;Pervasive PSQL Workgroup Engine;c:\program files\pervasive software\psql\bin\w3dbsmgr.exe [2007-9-5 455968]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-11-18 23888]
S3 DG;DG;c:\docume~1\peggy\locals~1\temp\DG.exe [2010-10-3 428928]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-9-30 102448]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-9-30 38224]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20101003.002\NAVENG.SYS [2010-10-3 86064]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20101003.002\NAVEX15.SYS [2010-10-3 1371184]
S3 Peachtree SmartPosting 2009;Peachtree SmartPosting 2009;c:\program files\sage software\peachtree\SmartPostingService2009.exe [2008-5-3 49152]
S4 QuickBooksDB17;QuickBooksDB17;c:\progra~1\intuit\quickb~3\qbdbmgrn.exe -hvquickbooksdb17 --> c:\progra~1\intuit\quickb~3\QBDBMgrN.exe -hvQuickBooksDB17 [?]
S4 QuickBooksDB20;QuickBooksDB20;c:\progra~1\intuit\quc2c1~1\qbdbmgrn.exe -hvquickbooksdb20 --> c:\progra~1\intuit\quc2c1~1\QBDBMgrN.exe -hvQuickBooksDB20 [?]

=============== Created Last 30 ================

2010-10-04 05:13:51 0 ----a-w- c:\documents and settings\administrator\defogger_reenable
2010-10-04 05:11:00 525824 ----a-w- C:\dds.scr
2010-10-04 05:10:48 50477 ----a-w- C:\Defogger.exe
2010-10-04 02:16:56 0 d-----w- c:\windows\ccleaner
2010-10-03 23:24:47 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2010-09-30 15:30:05 5998 ----a-w- C:\RUN.reg
2010-09-30 14:36:23 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-09-30 14:36:23 60800 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-09-30 14:36:23 123952 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-09-30 14:36:23 10671 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-09-30 13:34:12 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-09-30 13:34:09 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-09-30 13:34:09 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-30 12:53:50 0 d-sha-r- C:\cmdcons
2010-09-30 04:10:18 0 d-----w- c:\windows\system32\appmgmt
2010-09-20 13:52:27 0 d-----w- c:\docume~1\alluse~1\applic~1\AMMYY
2010-09-20 13:16:23 301656 ----a-w- c:\windows\system32\BtCoreIf.dll
2010-09-19 20:07:25 0 d-----w- c:\docume~1\admini~1\applic~1\Malwarebytes
2010-09-19 20:05:37 3858414 ----a-r- C:\ComboFix.exe
2010-09-14 20:58:54 0 d-----w- c:\program files\Spybot - Search & Destroy
2010-09-14 20:58:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2010-09-14 20:23:42 0 d-----w- c:\program files\ESET
2010-09-14 20:08:41 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-09-13 20:01:04 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2010-09-13 18:22:46 0 d-----w- C:\asdf
2010-09-13 17:59:46 0 d-----w- C:\found.003
2010-09-13 17:51:36 0 d-----w- c:\windows\pss
2010-09-13 17:42:46 0 d-sh--w- c:\documents and settings\administrator\PrivacIE
2010-09-13 17:42:45 0 d-sh--w- c:\documents and settings\administrator\IECompatCache
2010-09-13 17:39:41 0 d-sh--w- c:\documents and settings\administrator\IETldCache
2010-09-13 13:12:21 0 d-----w- C:\found.002
2010-09-08 18:34:34 0 d-----w- C:\MDT

==================== Find3M ====================

2010-09-11 02:32:20 167936 ----a-w- c:\windows\system32\drivers\WpsHelper.sys
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-17 13:17:06 58880 ------w- c:\windows\system32\dllcache\spoolsv.exe
2010-07-27 06:30:35 8462336 ------w- c:\windows\system32\dllcache\shell32.dll
2010-07-22 15:49:15 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 15:49:15 590848 ------w- c:\windows\system32\dllcache\rpcrt4.dll
2010-07-22 05:57:20 5120 ----a-w- c:\windows\system32\xpsp4res.dll

============= FINISH: 1:16:09.70 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:02:17 AM

Posted 11 October 2010 - 09:01 AM

Hi,

If help still needed post fresh dds.txt log. Post also c:\ComboFix.txt file contents if the file is present. You shouldn't run ComboFix without guiding!

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.


#3 Blade81

Blade81

    Bleepin' Rocker


  • Malware Response Team
  • 6,465 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Finland
  • Local time:02:17 AM

Posted 23 October 2010 - 04:19 AM

Due to inactivity, this thread will now be closed. Should you have the same or a new issue, please start a New Topic.

Microsoft Windows Insider MVP 2016-2017

Microsoft MVP Consumer Security 2008-2015
UNITE member since 2006
unite_blue.png

Provided malware removal related instructions are meant to be used in the correspondent user's case only. If you have similar symptoms create own topic instead of following instructions given to some other, please.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users