Top 10 virus alerts
Testimonials
Dear Exterminate It,
I just wanted to take a moment to say thank you.
Your response and the update has fixed my problem.
I have spent several weeks fiddling around trying to resolve it, and could not and my previous Anti-Virus program could find it but not fix it.
THANK YOU, THANK YOU, THANK YOU!!!
Sincerely yours,
David S. B.
Bountiful, Utah
David S. B.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSDRV=NetFilter.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, razenafula=Rundll32.exe "[%SYSTEM%]\sutuyape.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\pmnkKdBt.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Icon Text Manager=[%SYSTEM%]\Icon Text Manager.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, reader_s=[%SYSTEM%]\reader_s.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {12F02779-6D88-4958-8AD3-83C12D86ADC7}=00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {ca4f0d8d-5f2b-4f16-838a-8d52249eab21}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {73f24b2f-4f7a-4bc2-a685-0333c49d1042}=
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1E14CECD.exe=[%PROFILE_TEMP%]\_A00F1E14CECD.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1E14C84F.exe=[%PROFILE_TEMP%]\_A00F1E14C84F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbbd1a796=Rundll32.exe "[%SYSTEM%]\zuwupima.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8e2940a=rundll32.exe "[%SYSTEM%]\wamejulu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, waberifozo=Rundll32.exe "[%SYSTEM%]\tipigawi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\vtUmNHYQ.dll,#1
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3857BA9.exe=[%PROFILE_TEMP%]\_A00F3857BA9.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM37c9e8f3=Rundll32.exe "[%COMMON_APPDATA%]\jevasowa\jevasowa.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM37c9e8f3=Rundll32.exe "[%COMMON_APPDATA%]\jevasowa\jevasowa.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34fadb6f=rundll32.exe "[%COMMON_APPDATA%]\godidusa\godidusa.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rayasarepa=Rundll32.exe "[%COMMON_APPDATA%]\yohajizi\yohajizi.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\hofofazo.dll [%PROFILE_TEMP%]\915015328mxx.dll [%SYSTEM%]\yunukino.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ruhagikupa=Rundll32.exe "[%SYSTEM%]\wipidahe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fezanimalo=Rundll32.exe "[%SYSTEM%]\jusudoze.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, RemoteControl=[%SYSTEM%]\rmctrl.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {DC6BE1D5-9B83-4C75-ACEB-900781D28611}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6588B41B-D14A-4B61-BA0B-B6F70F054292}=
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F17129D.exe=[%PROFILE_TEMP%]\_A00F17129D.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4EF0F.exe=[%PROFILE_TEMP%]\_A00F4EF0F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F56F9A.exe=[%PROFILE_TEMP%]\_A00F56F9A.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1AEC84.exe=[%PROFILE_TEMP%]\_A00F1AEC84.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F6E52E5A.exe=[%PROFILE_TEMP%]\_A00F6E52E5A.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F5C546BD.exe=[%PROFILE_TEMP%]\_A00F5C546BD.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F5884D0F.exe=[%PROFILE_TEMP%]\_A00F5884D0F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F5703601.exe=[%PROFILE_TEMP%]\_A00F5703601.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4585C86.exe=[%PROFILE_TEMP%]\_A00F4585C86.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1C827D1.exe=[%PROFILE_TEMP%]\_A00F1C827D1.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F7B69DF.exe=[%PROFILE_TEMP%]\_A00F7B69DF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F20D313.exe=[%PROFILE_TEMP%]\_A00F20D313.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FAC5D0.exe=[%PROFILE_TEMP%]\_A00FAC5D0.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F576CD.exe=[%PROFILE_TEMP%]\_A00F576CD.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {52043e63-f814-41bb-a8b8-a35474c6c1bd}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1f1f599f=Rundll32.exe "[%SYSTEM%]\javohiwo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\piyiliwa.dll [%SYSTEM%]\wefolobo.dll [%SYSTEM%]\pefedamu.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM7f902aa4=Rundll32.exe "[%SYSTEM%]\pefedamu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, seloyomare=Rundll32.exe "[%SYSTEM%]\tajokigu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d86f29fc=rundll32.exe "[%SYSTEM%]\cfuuasfh.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMdb5c1a60=Rundll32.exe "[%SYSTEM%]\bdawrmld.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\piyiliwa.dll [%SYSTEM%]\wefolobo.dll [%SYSTEM%]\dehokiju.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM7f902aa4=Rundll32.exe "[%SYSTEM%]\dehokiju.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7ca31938=rundll32.exe "[%SYSTEM%]\dititeha.dll",b
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\konovozo.dll [%SYSTEM%]\gijiyeli.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM434de2e0=Rundll32.exe "[%SYSTEM%]\gijiyeli.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 407ed17c=rundll32.exe "[%SYSTEM%]\mekohige.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, keyebezehi=Rundll32.exe "[%SYSTEM%]\midevebi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, CPM1f1f599f=Rundll32.exe "[%SYSTEM%]\javohiwo.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, CPM05f0f22f=Rundll32.exe "[%COMMON_APPDATA%]\yesukeje\yesukeje.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM05f0f22f=Rundll32.exe "[%COMMON_APPDATA%]\yiyaruja\yiyaruja.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 06c3c1b3=rundll32.exe "[%COMMON_APPDATA%]\sokoyeji\sokoyeji.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 06c3c1b3=rundll32.exe "[%COMMON_APPDATA%]\kujapebo\kujapebo.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, mehadimifo=Rundll32.exe "[%COMMON_APPDATA%]\kopavawi\kopavawi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mehadimifo=Rundll32.exe "[%COMMON_APPDATA%]\hawupopa\hawupopa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rimayipoti=Rundll32.exe "[%SYSTEM%]\fuweyofa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0e2793f=rundll32.exe "[%SYSTEM%]\pplnjfyb.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM4f04ad69=Rundll32.exe "[%COMMON_APPDATA%]\lahozunu\lahozunu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM4f04ad69=Rundll32.exe "[%COMMON_APPDATA%]\lahozunu\lahozunu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c379ef5=rundll32.exe "[%COMMON_APPDATA%]\jarugede\jarugede.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pipoyopono=Rundll32.exe "[%COMMON_APPDATA%]\fuhiheje\fuhiheje.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pipoyopono=Rundll32.exe "[%COMMON_APPDATA%]\fuhiheje\fuhiheje.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMf7f15a3a=Rundll32.exe "[%SYSTEM%]\gevimasi.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\urqQjgeE.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2ce705e2=rundll32.exe "[%PROFILE_TEMP%]\vmkohteg.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Manage Process=[%SYSTEM%]\mswgm.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\piyiliwa.dll [%SYSTEM%]\wefolobo.dll [%SYSTEM%]\yidetaji.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7ca31938=rundll32.exe "[%SYSTEM%]\geroziwu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMffc372aa=Rundll32.exe "[%SYSTEM%]\dawenegi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcf04136=rundll32.exe "[%SYSTEM%]\wukohiwe.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vinedahupu=Rundll32.exe "[%SYSTEM%]\titehiya.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F665E5C2.exe=[%PROFILE_TEMP%]\_A00F665E5C2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\jkkICrOE.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2bc7b08b=Rundll32.exe "[%SYSTEM%]\tenolabo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 28f48317=rundll32.exe "[%SYSTEM%]\nahatona.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yonesusofo=Rundll32.exe "[%SYSTEM%]\hevolofo.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\yobijowu.dll [%SYSTEM%]\nizukipu.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM136c43fa=Rundll32.exe "[%SYSTEM%]\nizukipu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 105f7066=rundll32.exe "[%SYSTEM%]\lunazedo.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yudepatube=Rundll32.exe "[%SYSTEM%]\muyipigu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mogiluhehe=Rundll32.exe "[%SYSTEM%]\gipidiwu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {2aabd0c3-1b64-4de0-ae17-bbbe806197f2}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {02715e47-5a8e-495b-8f63-0d30470b8e72}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {dd4a65c7-61d7-445f-bcf1-5065f765eaf9}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a8eeb996-62aa-4e48-995d-eaddcac47476}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {3ca60057-9277-49c0-8d64-280dbad9c3e1}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {c3f37eca-a8d9-4633-92c6-fe24c7d16aba}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kivuzobuye=Rundll32.exe "[%SYSTEM%]\gososeyo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, hitubedubi=Rundll32.exe "[%SYSTEM%]\bobebeji.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\geBsspoo.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d2c0a3a1=rundll32.exe "[%PROFILE_TEMP%]\ilmlodix.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mhagoyuyevevam=rundll32.exe "[%WINDOWS%]\Mxuramoxobuzog.dat",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM57d74eae=Rundll32.exe "[%SYSTEM%]\medilile.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zaramafute=Rundll32.exe "[%SYSTEM%]\nojepake.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_Disabled, acc84978=rundll32.exe "[%SYSTEM%]\oucbweoc.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_Hidden, CPM57044a3b=Rundll32.exe "[%SYSTEM%]\bikuhagu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_Hidden, 543779a7=rundll32.exe "[%SYSTEM%]\lezaromo.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run_Hidden, yadukafuzu=Rundll32.exe "[%SYSTEM%]\mivekele.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jiyotiwaju=Rundll32.exe "[%SYSTEM%]\putabiwo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, dcacdd17=rundll32.exe "[%SYSTEM%]\ioghshut.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BMdf9fee8b=Rundll32.exe "[%SYSTEM%]\tcbpcjmv.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=C [%PROGRAM_FILES%]\Manson\liser.dll [%SYSTEM%]\gewofawu.dll [%SYSTEM%]\gomujude.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2f42ddca=Rundll32.exe "[%SYSTEM%]\gomujude.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2c71ee56=rundll32.exe "[%SYSTEM%]\nisajoro.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wigawimafe=Rundll32.exe "[%SYSTEM%]\hizapego.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM6f7e40e1=Rundll32.exe "[%SYSTEM%]\feyehuri.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6c4d737d=rundll32.exe "[%SYSTEM%]\fuvihiyo.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc7037e3a=Rundll32.exe "[%SYSTEM%]\jepewosi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hodapujari=Rundll32.exe "[%SYSTEM%]\kabifoti.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa346245f=Rundll32.exe "[%COMMON_APPDATA%]\nanazine\nanazine.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a07517c3=rundll32.exe "[%COMMON_APPDATA%]\gamibuyo\gamibuyo.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sayutilago=Rundll32.exe "[%COMMON_APPDATA%]\fibidaku\fibidaku.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM031e4ca0=Rundll32.exe "[%SYSTEM%]\zerejuhu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1ce57297=rundll32.exe "[%SYSTEM%]\gfrwvrbx.dll",b
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run_Hidden, A00F8FBEFFF.exe=[%PROFILE_TEMP%]\_A00F8FBEFFF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run_Hidden, A00F147A4F.exe=[%PROFILE_TEMP%]\_A00F147A4F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMf7483ba0=Rundll32.exe "[%SYSTEM%]\yabajuku.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zipubakofa=Rundll32.exe "[%SYSTEM%]\fafaropu.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\zenonabi.dll [%SYSTEM%]\visoziyo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc7037e3a=Rundll32.exe "[%SYSTEM%]\visoziyo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4304da6=rundll32.exe "[%SYSTEM%]\ruludoji.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hodapujari=Rundll32.exe "[%SYSTEM%]\luhuwuji.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by Starter), CPM53c654f9=Rundll32.exe "[%SYSTEM%]\solihivo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM53c654f9=Rundll32.exe "[%SYSTEM%]\solihivo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteControl=[%SYSTEM%]\rmctrl.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM17452fc7=Rundll32.exe "[%SYSTEM%]\jwapjgbs.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 14761c5b=rundll32.exe "[%SYSTEM%]\bccdauvc.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {13f20e4f-f379-41ea-8f80-ccaae787362a}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {81ea3f36-357a-435a-8741-52c27ccc9f21}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {0b9928ca-2b38-43c8-be19-a4a6386de417}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {57df73c0-833c-48b7-9146-1e18930d57ff}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f7b0f7b2-1b10-4240-b00b-354f3c04e3f5}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {74dd705d-6834-439c-a735-a6dbe2677452}=00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {65bfa841-c5a1-41d6-ad7f-8797348852c1}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM4798d2e4=Rundll32.exe "[%SYSTEM%]\wulekumo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hokajofini=Rundll32.exe "[%SYSTEM%]\vitikeyu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {78ba8b42-aaa3-46af-90af-7f395a40c6e4}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM7fefe868=Rundll32.exe "[%SYSTEM%]\ljhjdqgd.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, padiyuyihi=Rundll32.exe "[%SYSTEM%]\pefeveli.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, padiyuyihi=Rundll32.exe "[%SYSTEM%]\pefeveli.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMaf3c2a4e=Rundll32.exe "[%SYSTEM%]\kanatuda.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac0f19d2=rundll32.exe "[%SYSTEM%]\dejedefe.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dupadejaja=Rundll32.exe "[%SYSTEM%]\pozimadu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {833e29a5-5208-472a-81e4-cb04c407924e}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM8bb0cb1c=Rundll32.exe "[%SYSTEM%]\sizugomu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 801208ab=rundll32.exe "[%SYSTEM%]\fagonifa.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zijovasogi=Rundll32.exe "[%SYSTEM%]\tagusoka.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\vozaposo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb3f5badd=Rundll32.exe "[%SYSTEM%]\gufomafe.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sihiriyuja=Rundll32.exe "[%SYSTEM%]\volamele.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\awtqoOIB.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b23e616a=rundll32.exe "[%PROFILE_TEMP%]\yrvmpavc.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ddcYpmlM.dll,c
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\rqRJAtrR.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\qoMcaXoL.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMaf081a75=Rundll32.exe "[%SYSTEM%]\yonevena.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac3b29e9=rundll32.exe "[%SYSTEM%]\kawolumi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fejusakivu=Rundll32.exe "[%SYSTEM%]\gevejusu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM53ef9e9d=Rundll32.exe "[%SYSTEM%]\zewobihu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 50dcad01=rundll32.exe "[%SYSTEM%]\zafufovi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMe39ae14e=Rundll32.exe "[%SYSTEM%]\bimadela.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e0a9d2d2=rundll32.exe "[%SYSTEM%]\zosamulo.dll",b
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\nuzeriko.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, serutewuha=Rundll32.exe "[%SYSTEM%]\mupojuwe.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\tuvSlmMg.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5d735354=Rundll32.exe "[%COMMON_APPDATA%]\patadamo\patadamo.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5e4060c8=rundll32.exe "[%COMMON_APPDATA%]\buguroru\buguroru.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ljJYRkKc.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wilewafuzi=Rundll32.exe "[%COMMON_APPDATA%]\yawusazo\yawusazo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM13bb63e6=Rundll32.exe "[%SYSTEM%]\fevahiva.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, selizifoje=Rundll32.exe "[%SYSTEM%]\tibarozo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM3b6d21c3=Rundll32.exe "[%SYSTEM%]\zukuzibi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kenerisedi=Rundll32.exe "[%SYSTEM%]\dobojobe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1bac6ae7=Rundll32.exe "[%SYSTEM%]\gitoribo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 189f597b=rundll32.exe "[%SYSTEM%]\gugatemi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jawenasumo=Rundll32.exe "[%SYSTEM%]\pivojobe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, svhost=[%SYSTEM%]\server.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {06E12C36-760F-4D92-8509-5E5DBF12C423}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {0e0a2ad5-1adc-4ec3-90fc-0fb793c9259e}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {235b90d6-cb93-40a6-8f1a-af422ada9637}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {d7f9df29-7a42-4910-9481-b8838cfdd266}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rasefafeso=Rundll32.exe "[%SYSTEM%]\nelufuyu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM60def14b=Rundll32.exe "[%SYSTEM%]\zozibemu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 63edc2d7=rundll32.exe "[%SYSTEM%]\kawoyake.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vesazoleye=Rundll32.exe "[%SYSTEM%]\tutakoje.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb733c4c5=Rundll32.exe "[%SYSTEM%]\bihofiye.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b400f759=rundll32.exe "[%SYSTEM%]\biyuhepe.dll",b
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\fetokuze.dll [%PROGRAM_FILES%]\Manson\liser.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, CPM236978a0=Rundll32.exe "[%SYSTEM%]\gajukilu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, nohozoseko=Rundll32.exe "[%SYSTEM%]\wehebopa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by AnVir), nohozoseko=Rundll32.exe "[%SYSTEM%]\wehebopa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nohozoseko=Rundll32.exe "[%SYSTEM%]\wehebopa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3ab0ce7d=rundll32.exe "[%SYSTEM%]\plhpxxuh.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wademaloji=Rundll32.exe "[%SYSTEM%]\segivuva.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {d554a583-d4cf-4a6f-b07a-cb25f60fa743}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, userinit=[%APPDATA%]\twext.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6cbe6300-759b-447a-b406-31b86293e390}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {31cdfcb9-37d6-4c1d-a31d-aa2dd56f637b}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {C5E84927-CFF0-4CA3-A068-02E7C01C1E7C}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {3e8779b2-78a4-4715-9301-5bcfa6e72fa9}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fa16fe06-b462-470e-9653-79c54b1871ff}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {dd153fdb-e2fb-40d2-8e36-f21c36b51dad}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kepubohavo=Rundll32.exe "[%SYSTEM%]\kapekabo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vesujifoda=Rundll32.exe "[%SYSTEM%]\hiziyeli.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, servises=[%SYSTEM%]\servises.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, servises=[%SYSTEM%]\servises.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMf3075b31=Rundll32.exe "[%SYSTEM%]\litikusi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vihisagadi=Rundll32.exe "[%SYSTEM%]\bezayedo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yevivumujo=Rundll32.exe "[%SYSTEM%]\hirihubi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Aleho=rundll32.exe "[%WINDOWS%]\Ngewaguzeyawebew.dll",e
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\zojoludi.dll [%SYSTEM%]\segudedu.dll [%SYSTEM%]\mofebese.dll [%SYSTEM%]\kewowupa.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM8771845a=Rundll32.exe "[%SYSTEM%]\kewowupa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8442b7c6=rundll32.exe "[%SYSTEM%]\ludotoja.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nitusifutu=Rundll32.exe "[%SYSTEM%]\hekazezi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM8771845a=Rundll32.exe "[%SYSTEM%]\segudedu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM8771845a=Rundll32.exe "[%SYSTEM%]\mofebese.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\zojoludi.dll [%SYSTEM%]\mofebese.dll [%SYSTEM%]\kewowupa.dll [%SYSTEM%]\segudedu.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winetn32.rom,DnRRun
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\tuvSjKEV.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\hgGwWOFU.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM7b447aea=Rundll32.exe "[%PROFILE_TEMP%]\dpfdoppk.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\opnnonKA.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xnujekafomohuxew=rundll32.exe "[%WINDOWS%]\Oretegigusobogis.dat",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, loyovekuka=Rundll32.exe "[%SYSTEM%]\mekawiba.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8409b41b=rundll32.exe "[%SYSTEM%]\rotatopu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\mlJDwVNe.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM374a48ee=Rundll32.exe "[%COMMON_APPDATA%]\hoguforu\hoguforu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jomakolune=Rundll32.exe "[%COMMON_APPDATA%]\rukabipe\rukabipe.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\ziresula.dll [%SYSTEM%]\haferabo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa72a1278=Rundll32.exe "[%SYSTEM%]\haferabo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a41921e4=rundll32.exe "[%SYSTEM%]\weziroze.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, brefudafugaho=rundll32.exe "[%WINDOWS%]\equbakezakoboxa.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zarapakuzi=Rundll32.exe "[%SYSTEM%]\hegubagu.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\ziresula.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa72a1278=Rundll32.exe "[%SYSTEM%]\hiduhozo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a41921e4=rundll32.exe "[%SYSTEM%]\fiyakuzu.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb3d61a23=Rundll32.exe "[%COMMON_APPDATA%]\jiveteda\jiveteda.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b0e529bf=rundll32.exe "[%COMMON_APPDATA%]\biyoriwo\biyoriwo.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, welivaloki=Rundll32.exe "[%COMMON_APPDATA%]\gefejobu\gefejobu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcc3267a=rundll32.exe "[%SYSTEM%]\vunfuuyw.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, A0380mon=[%SYSTEM%]\A0380mon.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dowigutiye=Rundll32.exe "[%SYSTEM%]\zekagawi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {420959a7-1b3f-49ee-848e-6de631a39223}=
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\dowumeho.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {2860c741-8f63-45da-b029-2b4b148ac499}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a1ee34b2-b333-4a1b-949e-a02c0a666f9b}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2ababcbd=Rundll32.exe "[%COMMON_APPDATA%]\mofohupu\mofohupu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rafefegure=Rundll32.exe "[%COMMON_APPDATA%]\diyohobe\diyohobe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, portmap.exe=[%SYSTEM%]\portmap.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMe39ae14e=Rundll32.exe "[%SYSTEM%]\juserolu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e0a9d2d2=rundll32.exe "[%SYSTEM%]\bohapevi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMcf244127=Rundll32.exe "[%SYSTEM%]\vewalimu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lehuyiveni=Rundll32.exe "[%SYSTEM%]\jelulede.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM03333333=Rundll32.exe "[%SYSTEM%]\megejiwe.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc71bab0c=Rundll32.exe "[%SYSTEM%]\megejiwe.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4289890=rundll32.exe "[%SYSTEM%]\ntqbvyyr.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yuwihidalo=Rundll32.exe "[%SYSTEM%]\pamesava.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lubutodobe=Rundll32.exe "[%SYSTEM%]\wagopiva.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\gitisowe.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, teliwumuka=Rundll32.exe "[%SYSTEM%]\livoguyi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\efcARllI.dll,#1
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=pdzmnb.dll [%SYSTEM%]\yuwehosu.dll [%SYSTEM%]\wovawuye.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yanohoduko=Rundll32.exe "[%COMMON_APPDATA%]\jisagade\jisagade.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yanohoduko=Rundll32.exe "[%COMMON_APPDATA%]\jisagade\jisagade.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1934C2.exe=[%PROFILE_TEMP%]\_A00F1934C2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mijafoluse=Rundll32.exe "[%SYSTEM%]\ratofoze.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4e91822=rundll32.exe "[%SYSTEM%]\xhwejiie.dll",b
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FBD0F6.exe=[%PROFILE_TEMP%]\_A00FBD0F6.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA2ECF.exe=[%PROFILE_TEMP%]\_A00FA2ECF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, TridentWatchDog=twatdog.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, Windows Update=ssms.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Windows Update=ssms.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {b09e0f0b-28fe-4a7e-90f6-6d09e4234852}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {1cf662bf-4afd-4778-8306-1f0eb8284ebb}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a596175d-bbc7-476a-a152-fba652b64505}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gwakafiqemaqawep=rundll32.exe "[%WINDOWS%]\Axuqapaximib.dat",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wobafavovi=Rundll32.exe "[%SYSTEM%]\yazeriza.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b400f759=rundll32.exe "[%SYSTEM%]\zeveluhe.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM73542d5b=Rundll32.exe "[%SYSTEM%]\zareheli.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jubukevejo=Rundll32.exe "[%SYSTEM%]\ninegozu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc39c25b2=Rundll32.exe "[%SYSTEM%]\lahuyano.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0af162e=rundll32.exe "[%SYSTEM%]\lafegana.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yafejegevo=Rundll32.exe "[%SYSTEM%]\yuwelete.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%PROGRAM_FILES%]\kasper~1\kasper~1.0\r3hook.dll [%PROGRAM_FILES%]\kasper~1\kasper~1.0\adialhk.dll [%SYSTEM%]\sofodowi.dll [%SYSTEM%]\kenahapu.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rodovonuti=Rundll32.exe "[%SYSTEM%]\nitekufi.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\bubefane.dll [%SYSTEM%]\yiborada.dll [%SYSTEM%]\gizolama.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, CPM770c9418=Rundll32.exe "[%SYSTEM%]\yiborada.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM770c9418=Rundll32.exe "[%SYSTEM%]\yiborada.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 743fa784=rundll32.exe "[%SYSTEM%]\kulokuha.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, wobafavovi=Rundll32.exe "[%SYSTEM%]\yazeriza.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f46e832e=rundll32.exe "[%SYSTEM%]\bafoline.dll",b
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=C [%SYSTEM_DRIVE%]\progra~1\Manson\liser.dll [%SYSTEM%]\rilikiho.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tirolapaya=Rundll32.exe "[%SYSTEM%]\kapidabo.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\buloreke.dll [%PROGRAM_FILES%]\Manson\liser.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {57A52E74-004C-464B-96CC-4DFE5366EA02}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yayimofozo=Rundll32.exe "[%SYSTEM%]\tusavila.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f4002052-ab29-4b33-8c8d-0e99084564ec}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {c3e15dfe-d990-4c3f-9be2-4cf4e3e007ce}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {ff64059d-4d2a-4d6b-aa0f-2ee4a2fe3856}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {dd3ec823-d3a1-48b3-a18a-a1958795a18a}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\ssqNGWqr.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\pmnmJDUN.dll,c
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, winupdtl=[%SYSTEM%]\winupdtl.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cdoosoft=[%SYSTEM%]\olhrwef.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18a4cec6=rundll32.exe "[%SYSTEM%]\popefuha.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5b596229=Rundll32.exe "[%SYSTEM%]\dakotari.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Microsoft Office Agent=[%SYSTEM%]\mds.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ozeruqosejefiqa=rundll32.exe "[%WINDOWS%]\ixaguquxuzaya.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb32dbaec=Rundll32.exe "[%SYSTEM%]\wojajugi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b01e8970=rundll32.exe "[%SYSTEM%]\weziyolo.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, muritadepe=Rundll32.exe "[%SYSTEM%]\janifedu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, [%SYSTEM%]\kdblp.exe=[%SYSTEM%]\kdblp.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM312572a5=Rundll32.exe "[%SYSTEM%]\jususino.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gerenuwene=Rundll32.exe "[%SYSTEM%]\hawateme.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F27F556.exe=[%PROFILE_TEMP%]\_A00F27F556.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Arukiruhakuca=rundll32.exe "[%LOCAL_APPDATA%]\wildutag.dll",e
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F20A8B7.exe=[%PROFILE_TEMP%]\_A00F20A8B7.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, bc22bbea=rundll32.exe "[%SYSTEM%]\wijdwgqv.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6a6eae1b-4ad6-4035-974d-504d6dbaa9c3}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {877fb8c9-2ef3-4b96-b2b1-7ce2cb857fd0}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {e9bd0828-1fd9-410c-a50f-43ebe65d310f}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {86882ca4-be70-4bce-aea5-cf40eb8e0bc3}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nirozijeva=Rundll32.exe "[%SYSTEM%]\yafajawo.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\pazoyoli.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMdbcb0867=Rundll32.exe "[%SYSTEM%]\kogonubo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wasugorela=Rundll32.exe "[%SYSTEM%]\tenagoki.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F38EB8C6.exe=[%PROFILE_TEMP%]\_A00F38EB8C6.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\mafisule.dll [%SYSTEM%]\dimuboja.dll,[%PROGRAM_FILES%]\Manson\liser.dll [%SYSTEM%]\yavafike.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMdb9a1bb5=Rundll32.exe "[%SYSTEM%]\yavafike.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d8a92829=rundll32.exe "[%SYSTEM%]\zugowuva.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jomedopari=Rundll32.exe "[%SYSTEM%]\depunuhe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fukudiguse=Rundll32.exe "[%SYSTEM%]\pabuzili.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rubowizepi=Rundll32.exe "[%SYSTEM%]\vehuyafa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM3f27b411=Rundll32.exe "[%SYSTEM%]\muribabi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hahevozeho=Rundll32.exe "[%SYSTEM%]\dafudije.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\efcBrOif.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WinSys2=[%SYSTEM%]\startup.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MsServer=msfun80.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {11a69ae4-fbed-4832-a2bf-45af82825583}=00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {b3102264-d09d-4322-b625-503fbf18dd7e}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fded8846-95b0-4005-9e39-9f1720b6815e}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {58e9ac24-5a2a-4908-9e3b-0633c0f8df30}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a8cb4fec=rundll32.exe "[%SYSTEM%]\hivezuto.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 356f2517=rundll32.exe "[%SYSTEM%]\nusayuta.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, popoyumopu=Rundll32.exe "[%SYSTEM%]\gigazayu.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\nevoputo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yuvovozuko=Rundll32.exe "[%SYSTEM%]\bewihafe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2f60708c=Rundll32.exe "[%SYSTEM%]\nurugapu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2c534310=rundll32.exe "[%SYSTEM%]\notugaji.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wibasupiko=Rundll32.exe "[%SYSTEM%]\kulepive.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FE6175.exe=[%PROFILE_TEMP%]\_A00FE6175.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F37D4F.exe=[%PROFILE_TEMP%]\_A00F37D4F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1AF425.exe=[%PROFILE_TEMP%]\_A00F1AF425.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F66BC4B.exe=[%PROFILE_TEMP%]\_A00F66BC4B.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM71b87b01=Rundll32.exe "[%SYSTEM%]\kurisedu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fujudiwilu=Rundll32.exe "[%SYSTEM%]\foyamugu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM97df38b5=Rundll32.exe "[%SYSTEM%]\palifomu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 94ec0b29=rundll32.exe "[%SYSTEM%]\bohemuko.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hapeturiwa=Rundll32.exe "[%SYSTEM%]\vubabuku.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=abkoac.dll ,[%SYSTEM%]\dujujewo.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\cbXOEtUN.dll,c
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMdf004c94=Rundll32.exe "[%SYSTEM%]\witeyaza.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc337f08=rundll32.exe "[%SYSTEM%]\vomobozi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nugabufutu=Rundll32.exe "[%SYSTEM%]\yoyubina.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM871938f2=Rundll32.exe "[%SYSTEM%]\yegemiso.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 842a0b6e=rundll32.exe "[%SYSTEM%]\gikosiha.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pigezaloga=Rundll32.exe "[%SYSTEM%]\zihemiri.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=wbsys.dll [%SYSTEM%]\loyuvejo.dll [%SYSTEM%]\nilimuvo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM313e2b3d=Rundll32.exe "[%SYSTEM%]\nilimuvo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 320d18a1=rundll32.exe "[%SYSTEM%]\batiweja.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rirawapola=Rundll32.exe "[%SYSTEM%]\fofuhiza.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1ff11731=Rundll32.exe "[%SYSTEM%]\vabuzano.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1cc224ad=rundll32.exe "[%SYSTEM%]\muwiropu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nefomukita=Rundll32.exe "[%SYSTEM%]\kulagira.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMff3d380f=Rundll32.exe "[%SYSTEM%]\cobkkjfg.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {75abcf92-9764-4dfa-a83f-5142c3905052}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, [%SYSTEM%]\cfrog.exe=[%SYSTEM%]\cfrog.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hizalewone=Rundll32.exe "[%SYSTEM%]\wepanibe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMdb98a040=Rundll32.exe "[%SYSTEM%]\jogihuju.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jipakolada=Rundll32.exe "[%SYSTEM%]\titodopu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, laziwiduve=Rundll32.exe "[%SYSTEM%]\jukazudu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc391834c=Rundll32.exe "[%SYSTEM%]\sozulayu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, riyadahusu=Rundll32.exe "[%SYSTEM%]\dajufiwe.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\gadagore.dll [%SYSTEM%]\zofarimo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, CPM2fd51296=Rundll32.exe "[%SYSTEM%]\zofarimo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, kuwapijabi=Rundll32.exe "[%SYSTEM%]\kenahapu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM437d4760=Rundll32.exe "[%SYSTEM%]\mafolibu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, =Rundll32.exe "[%SYSTEM%]\gafilumu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 404e74fc=rundll32.exe "[%SYSTEM%]\godidusa.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hxesohayeridasib=rundll32.exe "[%WINDOWS%]\olabovisidubadi.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pesedekaga=Rundll32.exe "[%SYSTEM%]\jobobuwi.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\mosowisi.dll [%SYSTEM%]\vuhiriye.dll [%SYSTEM%]\yuwegiju.dll [%SYSTEM%]\dewulale.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, febobegasu=Rundll32.exe "[%SYSTEM%]\toturobe.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F40E35.exe=[%PROFILE_TEMP%]\_A00F40E35.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F6F01F.exe=[%PROFILE_TEMP%]\_A00F6F01F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F30F53.exe=[%PROFILE_TEMP%]\_A00F30F53.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3B547.exe=[%PROFILE_TEMP%]\_A00F3B547.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F92F61.exe=[%PROFILE_TEMP%]\_A00F92F61.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2D8C2.exe=[%PROFILE_TEMP%]\_A00F2D8C2.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F365DF.exe=[%PROFILE_TEMP%]\_A00F365DF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FDDD60.exe=[%PROFILE_TEMP%]\_A00FDDD60.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3AF8A.exe=[%PROFILE_TEMP%]\_A00F3AF8A.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2FAB2.exe=[%PROFILE_TEMP%]\_A00F2FAB2.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F51B7E.exe=[%PROFILE_TEMP%]\_A00F51B7E.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F281E8.exe=[%PROFILE_TEMP%]\_A00F281E8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc1f6464a=Rundll32.exe "[%SYSTEM%]\yisusasi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mowozemopa=Rundll32.exe "[%SYSTEM%]\pegileva.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nsatumokabade=rundll32.exe "[%WINDOWS%]\Lzupewuc.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jfoxetohekafomo=rundll32.exe "[%WINDOWS%]\ubegugekajom.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1b9495ce=Rundll32.exe "[%SYSTEM%]\wufewoga.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18a7a652=rundll32.exe "[%SYSTEM%]\gorumiba.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ralahodifu=Rundll32.exe "[%SYSTEM%]\wisepale.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Srojawaju=rundll32.exe "[%WINDOWS%]\usuciluc.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tamovediyo=Rundll32.exe "[%SYSTEM%]\gefuvura.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {7C8D1401-A58D-A81C-CD24-A5915C4517C7}=mnmhgsrv.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa3de03c7=Rundll32.exe "[%SYSTEM%]\kitehevu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a0ed305b=rundll32.exe "[%SYSTEM%]\yusayena.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pejisavoku=Rundll32.exe "[%SYSTEM%]\sugedaji.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3DD9F.exe=[%PROFILE_TEMP%]\_A00F3DD9F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1151E43B.exe=[%PROFILE_TEMP%]\_A00F1151E43B.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1543CCBB.exe=[%PROFILE_TEMP%]\_A00F1543CCBB.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WCXELMS=WCXELMS.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a11c5aa1-0522-4e2c-8b55-61ec322a00bb}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f50b3f5e-856e-4757-9bb1-b35d46ca7719}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {487C9905-26A8-42C8-8033-C58AD3D2AEC3}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {733e9132-53ca-4c97-9ac9-145c4502fa20}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {36953122-9f7c-4461-af35-e23242461fd7}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mssysfs=[%SYSTEM%]\EVA.EXE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\khfEUnMG.dll,#1
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\bubefane.dll [%SYSTEM%]\rahobofo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM770c9418=Rundll32.exe "[%SYSTEM%]\rahobofo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 743fa784=rundll32.exe "[%SYSTEM%]\bafoline.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 9cb80a20=rundll32.exe "[%SYSTEM%]\aaiepjmx.dll",b
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\makezimu.dll [%SYSTEM%]\sojohehu.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0b0f3bd1=Rundll32.exe "[%SYSTEM%]\sojohehu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tolepibohi=Rundll32.exe "[%SYSTEM%]\zuziberi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {1F5FDA83-4379-4C6A-94AD-CC7BC688505A}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM07f29731=Rundll32.exe "[%SYSTEM%]\zudalure.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 04c1a4ad=rundll32.exe "[%SYSTEM%]\zudeyuwi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, buvuvapagi=Rundll32.exe "[%SYSTEM%]\sapawoma.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\yileduyu.dll [%SYSTEM%]\jogihuju.dll
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\wayumabe.dll [%SYSTEM%]\wiyobive.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, puwotonata=Rundll32.exe "[%SYSTEM%]\hinikafo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c44ee25d=rundll32.exe "[%SYSTEM%]\dngoyumu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {663656df-6bae-460c-a612-8133df519346}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {dd861218-a2ac-46ea-ad5a-6e97f48aca50}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {109be732-8f8c-49d4-a3f4-fedcac7f0a25}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kvalutehobekeyoj=rundll32.exe "[%WINDOWS%]\Dxelutapimoxi.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {4ec66e48-b863-4413-bc91-463d9cca093b}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kpicucipisozo=rundll32.exe "[%WINDOWS%]\Uyumalepinub.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {9ebf5c54-224c-48a2-bc86-a5eda9f8abf9}=
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FADCE2.exe=[%PROFILE_TEMP%]\_A00FADCE2.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F91A5F80.exe=[%PROFILE_TEMP%]\_A00F91A5F80.exe
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\movanama.dll [%SYSTEM%]\dovazibo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMcf5479d4=Rundll32.exe "[%SYSTEM%]\dovazibo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cc674a48=rundll32.exe "[%SYSTEM%]\zikedama.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yayazesoha=Rundll32.exe "[%SYSTEM%]\butabefu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM232e4d77=Rundll32.exe "[%SYSTEM%]\kapigagi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 201d7eeb=rundll32.exe "[%SYSTEM%]\dahovibo.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kaloseyonu=Rundll32.exe "[%SYSTEM%]\litijaro.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\hokegemu.dll [%SYSTEM%]\yuwelete.dll [%SYSTEM%]\desoyahi.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMe753c265=Rundll32.exe "[%SYSTEM%]\desoyahi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e460f1f9=rundll32.exe "[%SYSTEM%]\remowoka.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pofepovado=Rundll32.exe "[%SYSTEM%]\hawivobi.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8EE9FF.exe=[%PROFILE_TEMP%]\_A00F8EE9FF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8B6A10.exe=[%PROFILE_TEMP%]\_A00F8B6A10.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8830BF.exe=[%PROFILE_TEMP%]\_A00F8830BF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F86BD78.exe=[%PROFILE_TEMP%]\_A00F86BD78.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F85F6CC.exe=[%PROFILE_TEMP%]\_A00F85F6CC.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8519CA.exe=[%PROFILE_TEMP%]\_A00F8519CA.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F534540C.exe=[%PROFILE_TEMP%]\_A00F534540C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FAF461.exe=[%PROFILE_TEMP%]\_A00FAF461.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F63CA64F.exe=[%PROFILE_TEMP%]\_A00F63CA64F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FC5B22B.exe=[%PROFILE_TEMP%]\_A00FC5B22B.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FE99BF4.exe=[%PROFILE_TEMP%]\_A00FE99BF4.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F15D72F.exe=[%PROFILE_TEMP%]\_A00F15D72F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA5C87D.exe=[%PROFILE_TEMP%]\_A00FA5C87D.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM03c21fbc=Rundll32.exe "[%SYSTEM%]\runiwuji.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 00f12c20=rundll32.exe "[%SYSTEM%]\busebayu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wukupahote=Rundll32.exe "[%SYSTEM%]\raduzuye.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc334506=rundll32.exe "[%SYSTEM%]\rlprpgit.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mozehobosi=Rundll32.exe "[%SYSTEM%]\reranavu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, puvezuliku=Rundll32.exe "[%SYSTEM%]\kazerevi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vramosexasuxomo=rundll32.exe "[%WINDOWS%]\Hzidale.dat",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\rqrQkLET.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\jkklMgGx.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMed3205f3=Rundll32.exe "[%COMMON_APPDATA%]\sawupima\sawupima.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bamatenufo=Rundll32.exe "[%COMMON_APPDATA%]\larifise\larifise.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0f24d5b7=Rundll32.exe "[%SYSTEM%]\wowinule.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0c17e62b=rundll32.exe "[%SYSTEM%]\rudahazi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, livogegupo=Rundll32.exe "[%SYSTEM%]\vafedewe.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\bubefane.dll [%SYSTEM%]\lavupiho.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM770c9418=Rundll32.exe "[%SYSTEM%]\lavupiho.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 743fa784=rundll32.exe "[%SYSTEM%]\fetokuze.dll",b
Scan your system registry for FREE
