Vundo (Virtumondo) Registry Values

Scan your Windows registry for Vundo (Virtumondo)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteControl=[%SYSTEM%]\rmctrl.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, susepafinu=Rundll32.exe "[%SYSTEM%]\yunukino.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tatagarulo=Rundll32.exe "[%SYSTEM%]\lagesapu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\sjvlhrxa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 308f4e7e=rundll32.exe "[%SYSTEM%]\yljratco.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\efcccAPf.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a037560e=rundll32.exe "[%PROFILE_TEMP%]\hyjwjkst.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\xxyyyVMe.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 68c85976=rundll32.exe "[%SYSTEM%]\pmklltor.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\wevoyira.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44b03c81=rundll32.exe "[%SYSTEM%]\marokeru.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8ea3d63=rundll32.exe "[%SYSTEM%]\ldhhxsrg.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 484d8714=rundll32.exe "[%PROFILE_TEMP%]\iyunlvwy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fc37824b=rundll32.exe "[%SYSTEM%]\sbcektyx.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5c7f3ed5=rundll32.exe "[%SYSTEM%]\ygrjrayf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc393d26f=Rundll32.exe "[%SYSTEM%]\jitadeza.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0a0e1f3=rundll32.exe "[%SYSTEM%]\sewazoze.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, Windows Printing Driver=WinSpooler.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AL8HLMS=AL8HLMS.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6B5F.exe=[%SYSTEM%]\YUR6B5F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8F.exe=[%SYSTEM%]\YUR8F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR90.exe=[%SYSTEM%]\YUR90.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR91.exe=[%SYSTEM%]\YUR91.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBBFE.exe=[%SYSTEM%]\YURBBFE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6E9A.exe=[%SYSTEM%]\YUR6E9A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR28D4.exe=[%SYSTEM%]\YUR28D4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR28D4.exe=[%SYSTEM%]\YUR28D4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBD2.exe=[%SYSTEM%]\YURBD2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, brastk=[%SYSTEM%]\brastk.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, karisubano=Rundll32.exe "[%SYSTEM%]\zuzogomi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zumilusaza=Rundll32.exe "[%SYSTEM%]\rotawugo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tawiremosa=Rundll32.exe "[%SYSTEM%]\rosilele.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rupogigane=Rundll32.exe "[%SYSTEM%]\zesifimi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbbd7f68c=Rundll32.exe "[%SYSTEM%]\yozaludi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8e4c510=rundll32.exe "[%SYSTEM%]\modopise.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\yizodonu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44b03c81=rundll32.exe "[%SYSTEM%]\wedaleza.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb39e03c8=Rundll32.exe "[%SYSTEM%]\lilayeti.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b0ad3054=rundll32.exe "[%SYSTEM%]\viberisa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bugakedojo=Rundll32.exe "[%SYSTEM%]\visutaye.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM235b41c4=Rundll32.exe "[%SYSTEM%]\rekahuba.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wevekibolu=Rundll32.exe "[%SYSTEM%]\revesele.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run-, 47960222=rundll32.exe "[%SYSTEM%]\eiiqubdi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08553972=rundll32.exe "[%SYSTEM%]\jsxnxaun.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0b757cff=Rundll32.exe "[%SYSTEM%]\lazusoju.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08464f63=rundll32.exe "[%SYSTEM%]\nijetiyi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, duvalahuse=Rundll32.exe "[%SYSTEM%]\hebeferi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 402836fe=rundll32.exe "[%SYSTEM%]\ukfplqbp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4838e7b1=rundll32.exe "[%SYSTEM%]\njmmjcei.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1c3f0c26=rundll32.exe "[%SYSTEM%]\rligejxw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5ffe474f=Rundll32.exe "[%SYSTEM%]\pugaloji.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, limebinofo=Rundll32.exe "[%SYSTEM%]\tojogosu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0878296a=rundll32.exe "[%SYSTEM%]\aexppila.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2b5d13c7=Rundll32.exe "[%SYSTEM%]\gopapodu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ginisuzehi=Rundll32.exe "[%SYSTEM%]\maweyeri.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMd72982d5=Rundll32.exe "[%SYSTEM%]\jifetahi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d41ab149=rundll32.exe "[%SYSTEM%]\sikafupo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hekekerife=Rundll32.exe "[%SYSTEM%]\wolizapa.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kanofapeyu=Rundll32.exe "[%SYSTEM%]\kiwasuge.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 76733dc0=rundll32.exe "[%SYSTEM%]\mnirnnxo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR69C9.exe=[%SYSTEM%]\YUR69C9.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBD2.exe=[%SYSTEM%]\YURBD2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6B5F.exe=[%SYSTEM%]\YUR6B5F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6E9A.exe=[%SYSTEM%]\YUR6E9A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR89B8.exe=[%SYSTEM%]\YUR89B8.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8F24.exe=[%SYSTEM%]\YUR8F24.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR76E3.exe=[%SYSTEM%]\YUR76E3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6C0A.exe=[%SYSTEM%]\YUR6C0A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBBFE.exe=[%SYSTEM%]\YURBBFE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B72.exe=[%SYSTEM%]\YUR2B72.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR270F.exe=[%SYSTEM%]\YUR270F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2809.exe=[%SYSTEM%]\YUR2809.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDB82.exe=[%SYSTEM%]\YURDB82.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD837.exe=[%SYSTEM%]\YURD837.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD49F.exe=[%SYSTEM%]\YURD49F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD403.exe=[%SYSTEM%]\YURD403.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR69C9.exe=[%SYSTEM%]\YUR69C9.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR89B8.exe=[%SYSTEM%]\YUR89B8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8F24.exe=[%SYSTEM%]\YUR8F24.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR76E3.exe=[%SYSTEM%]\YUR76E3.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6C0A.exe=[%SYSTEM%]\YUR6C0A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B72.exe=[%SYSTEM%]\YUR2B72.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR270F.exe=[%SYSTEM%]\YUR270F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2809.exe=[%SYSTEM%]\YUR2809.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDB82.exe=[%SYSTEM%]\YURDB82.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD837.exe=[%SYSTEM%]\YURD837.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD49F.exe=[%SYSTEM%]\YURD49F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD403.exe=[%SYSTEM%]\YURD403.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54b605b7=rundll32.exe "[%SYSTEM%]\ujooqwmw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, f02d0577=rundll32.exe "[%SYSTEM%]\qdhwlkse.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8307aa2=rundll32.exe "[%SYSTEM%]\anxskvtu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 26fdeaf1=rundll32.exe "[%SYSTEM%]\dtgydjbs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 94cba4da=rundll32.exe "[%SYSTEM%]\dpfcgbwx.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c8fed4c6=rundll32.exe "[%SYSTEM%]\xxjqnylq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb3aff783=Rundll32.exe "[%SYSTEM%]\ruvaluno.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mizajuhewo=Rundll32.exe "[%SYSTEM%]\kumiberu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a49d7a16=rundll32.exe "[%SYSTEM%]\iuwbbbvn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbbd7f68c=Rundll32.exe "[%SYSTEM%]\yigekote.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1f6b10ad=rundll32.exe "[%SYSTEM%]\ltinmxve.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bc8f1673=rundll32.exe "[%SYSTEM%]\jkdkmlrp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMbfbc25ef=Rundll32.exe "[%SYSTEM%]\kqddlyhn.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMbfbc25ef=Rundll32.exe "[%SYSTEM%]\kqddlyhn.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d4c0c0cb=rundll32.exe "[%SYSTEM%]\tkkhkmfl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 1c0cebcf=rundll32.exe "[%SYSTEM%]\vosdlvfw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM1f3fd853=Rundll32.exe "[%SYSTEM%]\lskiixyc.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\seleluke.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hunugakava=Rundll32.exe "[%SYSTEM%]\junapoma.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d42e60ba=rundll32.exe "[%SYSTEM%]\sfhmvxbw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4de0f1cb=rundll32.exe "[%SYSTEM%]\nuuijxwl.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\byXNghHx.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44f026d7=rundll32.exe "[%PROFILE_TEMP%]\luwiwlyu.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\hggghExX.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e40b2373=rundll32.exe "[%SYSTEM%]\glrkrsri.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\pmnkhfCv.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\mlJYqQHY.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1e6f1653=rundll32.exe "[%SYSTEM%]\rvqsummv.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcf042e8=rundll32.exe "[%PROFILE_TEMP%]\lxxrwtsm.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\iifdBSiJ.dll,c
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMffc37174=Rundll32.exe "[%PROFILE_TEMP%]\njueeccb.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bikudavute=Rundll32.exe "[%SYSTEM%]\detujedu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac0bbb4a=rundll32.exe "[%SYSTEM%]\ocanvfrn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM4ffbee92=Rundll32.exe "[%SYSTEM%]\tuvumuge.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jufidavofi=Rundll32.exe "[%SYSTEM%]\bujasojo.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhqc32.rom,aDXRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM53f592f1=Rundll32.exe "[%SYSTEM%]\nadojizu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, memedubonu=Rundll32.exe "[%SYSTEM%]\namiviko.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1.exe=[%SYSTEM%]\YUR1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1.exe=[%SYSTEM%]\YUR1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2.exe=[%SYSTEM%]\YUR2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2.exe=[%SYSTEM%]\YUR2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4.exe=[%SYSTEM%]\YUR4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3.exe=[%SYSTEM%]\YUR3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA.exe=[%SYSTEM%]\YURA.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9.exe=[%SYSTEM%]\YUR9.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8.exe=[%SYSTEM%]\YUR8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA.exe=[%SYSTEM%]\YURA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9.exe=[%SYSTEM%]\YUR9.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8.exe=[%SYSTEM%]\YUR8.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4.exe=[%SYSTEM%]\YUR4.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3.exe=[%SYSTEM%]\YUR3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7.exe=[%SYSTEM%]\YUR7.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7.exe=[%SYSTEM%]\YUR7.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, cmds=rundll32.exe [%PROFILE_TEMP%]\efcCstRK.dll,c
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM3e469284=Rundll32.exe "[%PROFILE_TEMP%]\hngunrwk.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1C9.exe=[%SYSTEM%]\YUR1C9.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1C9.exe=[%SYSTEM%]\YUR1C9.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1CA.exe=[%SYSTEM%]\YUR1CA.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1C8.exe=[%SYSTEM%]\YUR1C8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1CA.exe=[%SYSTEM%]\YUR1CA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1C8.exe=[%SYSTEM%]\YUR1C8.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1CB.exe=[%SYSTEM%]\YUR1CB.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1CB.exe=[%SYSTEM%]\YUR1CB.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, brastk=brastk.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18feeb87=rundll32.exe "[%SYSTEM%]\cvduiwyu.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 3d75a118=rundll32.exe "[%PROFILE_TEMP%]\irwmelno.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nihezutabu=Rundll32.exe "[%SYSTEM%]\foragote.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\pomanaku.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5c1c3dba=rundll32.exe "[%SYSTEM%]\avnhchcg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 7c69fa45=rundll32.exe "[%SYSTEM%]\hwgkyclo.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0b757cff=Rundll32.exe "[%SYSTEM%]\lohulatu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08464f63=rundll32.exe "[%SYSTEM%]\ruhegozi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d4ddca5c=rundll32.exe "[%SYSTEM%]\xdbsueha.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f0c0fa42=rundll32.exe "[%SYSTEM%]\wdxafurc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5c226c3a=rundll32.exe "[%SYSTEM%]\eubpokvv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4cc4e91c=rundll32.exe "[%SYSTEM%]\lqichufa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 38178242=rundll32.exe "[%SYSTEM%]\olauwhkc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b425d67c=rundll32.exe "[%SYSTEM%]\svugexkm.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMaf33424a=Rundll32.exe "[%SYSTEM%]\jolujara.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac0071d6=rundll32.exe "[%SYSTEM%]\bokosefu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3c706975=rundll32.exe "[%SYSTEM%]\ewfpxocw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wuhurizagu=Rundll32.exe "[%SYSTEM%]\vomuganu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 984f4bbb=rundll32.exe "[%SYSTEM%]\guwvcwkp.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\ljJDUkjG.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\xXpMFxVp.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8ac458f=rundll32.exe "[%SYSTEM%]\wpxybcaw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbbd7f68c=Rundll32.exe "[%SYSTEM%]\nukatojo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbbd7f68c=Rundll32.exe "[%SYSTEM%]\mokojela.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 184ddc3a=rundll32.exe "[%SYSTEM%]\cgdiigcx.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\iifeeEur.dll,c
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0b757cff=Rundll32.exe "[%SYSTEM%]\hizapego.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08464f63=rundll32.exe "[%SYSTEM%]\nadojizu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 320d18a1=rundll32.exe "[%SYSTEM%]\hwgpmtcj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0091356d=rundll32.exe "[%SYSTEM%]\jeacfwsw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1c6f1250=rundll32.exe "[%SYSTEM%]\rletyvvf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48510ec0=rundll32.exe "[%SYSTEM%]\twiqtviv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f88c87a0=rundll32.exe "[%SYSTEM%]\akdgyfvd.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM03b2c314=Rundll32.exe "[%SYSTEM%]\bitonuta.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0081f088=rundll32.exe "[%SYSTEM%]\lotoyeyo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wolijazipo=Rundll32.exe "[%SYSTEM%]\zedisubo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d4335e90=rundll32.exe "[%SYSTEM%]\mqrqkicv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, c8508ae7=rundll32.exe "[%SYSTEM%]\ohlidfnf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM7f5671e3=Rundll32.exe "[%SYSTEM%]\gimujuri.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7c65427f=rundll32.exe "[%SYSTEM%]\senifetu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fetipapuse=Rundll32.exe "[%SYSTEM%]\fofuhiza.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, A0380mon=[%SYSTEM%]\A0380mon.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LMSAL1K=LMSAL1K.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM4fbeef05=Rundll32.exe "[%SYSTEM%]\ycvgewgv.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE4.exe=[%SYSTEM%]\VIE4.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE3.exe=[%SYSTEM%]\VIE3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE2.exe=[%SYSTEM%]\VIE2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1.exe=[%SYSTEM%]\VIE1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE4.exe=[%SYSTEM%]\VIE4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE3.exe=[%SYSTEM%]\VIE3.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE2.exe=[%SYSTEM%]\VIE2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1.exe=[%SYSTEM%]\VIE1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR50.exe=[%SYSTEM%]\YUR50.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E.exe=[%SYSTEM%]\YUR4E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC.exe=[%SYSTEM%]\YURC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5.exe=[%SYSTEM%]\YUR5.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5.exe=[%SYSTEM%]\YUR5.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC.exe=[%SYSTEM%]\YURC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR49.exe=[%SYSTEM%]\YUR49.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR49.exe=[%SYSTEM%]\YUR49.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD.exe=[%SYSTEM%]\YURD.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4C.exe=[%SYSTEM%]\YUR4C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD.exe=[%SYSTEM%]\YURD.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4C.exe=[%SYSTEM%]\YUR4C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13E.exe=[%SYSTEM%]\VIE13E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4A.exe=[%SYSTEM%]\YUR4A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4A.exe=[%SYSTEM%]\YUR4A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6038.exe=[%SYSTEM%]\YUR6038.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rs32net=[%SYSTEM%]\rs32net.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR50.exe=[%SYSTEM%]\YUR50.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E.exe=[%SYSTEM%]\YUR4E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 2b1b13ad=rundll32.exe "[%SYSTEM%]\dcdtxurl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34165f2a=rundll32.exe "[%SYSTEM%]\tuwuaijp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-Disabled, MSServer=rundll32.exe [%SYSTEM%]\byXRjifG.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 00eea7f7=rundll32.exe "[%SYSTEM%]\lkrqslki.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7808c345=rundll32.exe "[%SYSTEM%]\nbeudjen.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjug32.rom,HpjRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7a146a86=rundll32.exe "[%SYSTEM%]\bxrchxik.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\wvUlJDWQ.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\kHAtqoNE.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, aa9097a1=rundll32.exe "[%PROFILE_TEMP%]\xqvhsuqn.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\eFWQkiiJ.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vmdetdhc.exe=[%SYSTEM%]\vmdetdhc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a8c562da=rundll32.exe "[%SYSTEM%]\fpmuhdtf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3c30fc34=rundll32.exe "[%SYSTEM%]\okafkkhe.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\geBQHXOh.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\iiFvwVno.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8c1923eb=rundll32.exe "[%SYSTEM%]\vxiniufl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\xxyyvWNd.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0e7b64b=rundll32.exe "[%SYSTEM%]\ldfpgerp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18a6277a=rundll32.exe "[%SYSTEM%]\bawctcaf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18a6277a=rundll32.exe "[%SYSTEM%]\diknckbd.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f8ef9bfb=rundll32.exe "[%SYSTEM%]\xqeldxvv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMfbdca867=Rundll32.exe "[%SYSTEM%]\gmcvpdkp.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, fce2798f=rundll32.exe "[%SYSTEM%]\rhmxbprj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\qoMeFyvV.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gukagaweli=Rundll32.exe "[%SYSTEM%]\jafiyuji.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa30861d8=Rundll32.exe "[%SYSTEM%]\pevojazi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rotovedefe=Rundll32.exe "[%SYSTEM%]\zemevuno.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMaf33424a=Rundll32.exe "[%SYSTEM%]\zutagoje.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac0071d6=rundll32.exe "[%SYSTEM%]\giyivino.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wcavobabamisab=rundll32.exe "[%WINDOWS%]\Hbugu.dll",e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\dayiwoya.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44b03c81=rundll32.exe "[%SYSTEM%]\basogulu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4ce84a28=rundll32.exe "[%SYSTEM%]\ldaefvgt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54a58e5f=rundll32.exe "[%SYSTEM%]\elaygsti.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 702f7d06=rundll32.exe "[%SYSTEM%]\vkotukrr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ccb30876=rundll32.exe "[%SYSTEM%]\ceysuboo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3c817901=rundll32.exe "[%SYSTEM%]\hknlgdpx.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 805bdf7c=rundll32.exe "[%SYSTEM%]\dfqwtiwq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEA6.exe=[%SYSTEM%]\VIEA6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE144.exe=[%SYSTEM%]\VIE144.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13F.exe=[%SYSTEM%]\VIE13F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13D.exe=[%SYSTEM%]\VIE13D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13C.exe=[%SYSTEM%]\VIE13C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEA6.exe=[%SYSTEM%]\VIEA6.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE144.exe=[%SYSTEM%]\VIE144.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13F.exe=[%SYSTEM%]\VIE13F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13E.exe=[%SYSTEM%]\VIE13E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13D.exe=[%SYSTEM%]\VIE13D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE13C.exe=[%SYSTEM%]\VIE13C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc379a106=Rundll32.exe "[%SYSTEM%]\jurumoku.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c04a929a=rundll32.exe "[%SYSTEM%]\gitoribo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mugeguyuni=Rundll32.exe "[%SYSTEM%]\jepewosi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4f8703a=rundll32.exe "[%SYSTEM%]\auyxwmaa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 402836fe=rundll32.exe "[%SYSTEM%]\vbrcaeua.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0afd30ce=rundll32.exe "[%SYSTEM%]\pbnrsbru.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM17286fc8=Rundll32.exe "[%SYSTEM%]\lskwmvom.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 141b5c54=rundll32.exe "[%SYSTEM%]\rsqgtksw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, siwuhihabu=Rundll32.exe "[%SYSTEM%]\pigopimu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 000000af=rundll32.exe "[%SYSTEM%]\cjywybyy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA6C4.exe=[%SYSTEM%]\YURA6C4.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA492.exe=[%SYSTEM%]\YURA492.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA0AC.exe=[%SYSTEM%]\YURA0AC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9EF7.exe=[%SYSTEM%]\YUR9EF7.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9137.exe=[%SYSTEM%]\YUR9137.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR423D.exe=[%SYSTEM%]\YUR423D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4114.exe=[%SYSTEM%]\YUR4114.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA6C4.exe=[%SYSTEM%]\YURA6C4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA492.exe=[%SYSTEM%]\YURA492.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA0AC.exe=[%SYSTEM%]\YURA0AC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9EF7.exe=[%SYSTEM%]\YUR9EF7.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a414140a=rundll32.exe "[%SYSTEM%]\gjumxjgu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb7ffe0d8=Rundll32.exe "[%SYSTEM%]\jomimogo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4ccd344=rundll32.exe "[%SYSTEM%]\kivereza.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zufetavatu=Rundll32.exe "[%SYSTEM%]\jorukiyi.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9E22.exe=[%SYSTEM%]\YUR9E22.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA2D3.exe=[%SYSTEM%]\YURA2D3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gejizahire=Rundll32.exe "[%SYSTEM%]\denekilo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 24e5477a=rundll32.exe "[%SYSTEM%]\bkavpfyt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, UpdateWin=[%SYSTEM%]\1041j.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateWin=[%SYSTEM%]\1041j.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, UpdateWin=[%SYSTEM%]\1041j.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, UpdateWin=[%SYSTEM%]\1041j.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM672e4b7c=Rundll32.exe "[%SYSTEM%]\bogiwoka.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 641d78e0=rundll32.exe "[%SYSTEM%]\filulafo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuvayeheyo=Rundll32.exe "[%SYSTEM%]\jelipeya.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6c404e15=rundll32.exe "[%SYSTEM%]\anffuotb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4ea1732=rundll32.exe "[%SYSTEM%]\oafjaxhc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 907b2c64=rundll32.exe "[%SYSTEM%]\vbiwnbyy.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\yayaAtQH.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\mljgGwwx.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\hgGyyvvv.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM776b169c=Rundll32.exe "[%SYSTEM%]\doguvuvo.dll",a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Esta="[%PROGRAM_FILES%]\ASKS~1\javaw.exe" -vt ndrv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM95b2a173=Rundll32.exe "[%SYSTEM%]\nebiteda.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gasitituye=Rundll32.exe "[%SYSTEM%]\jusirodo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kalokakuha=Rundll32.exe "[%SYSTEM%]\gazafasi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb39b0eea=Rundll32.exe "[%SYSTEM%]\bonigezi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fovenokepe=Rundll32.exe "[%SYSTEM%]\selutanu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 58eeb931=rundll32.exe "[%SYSTEM%]\qeajlcjb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 94586550=rundll32.exe "[%SYSTEM%]\lugwgsia.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dafakugema=Rundll32.exe "[%SYSTEM%]\kosuyapu.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hsoto=rundll32.exe "[%LOCAL_APPDATA%]\Ajukikehadeh.dll",e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ac92afa2=rundll32.exe "[%SYSTEM%]\qphrosei.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ff478044=rundll32.exe "[%SYSTEM%]\dqlvryyu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 803a6a04=rundll32.exe "[%SYSTEM%]\xhwbuagm.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 20d210bf=rundll32.exe "[%SYSTEM%]\mtdptkiw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2c30fadc=rundll32.exe "[%SYSTEM%]\wmfsjvpg.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\fcCUlMcB.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\bYOFWopo.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4bda793=rundll32.exe "[%SYSTEM%]\vquwyxni.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2411e6d4=rundll32.exe "[%SYSTEM%]\yljnfjtr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\ddCVMgee.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\byXNDUNe.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 58e7fee3=rundll32.exe "[%SYSTEM%]\vqbuihkb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a4d81621=rundll32.exe "[%SYSTEM%]\edpdscex.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a4d81621=rundll32.exe "[%SYSTEM%]\xbemfpgr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6cd16f35=rundll32.exe "[%SYSTEM%]\yljcdwou.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 386bb9e2=rundll32.exe "[%SYSTEM%]\rxnflskv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc0de508=rundll32.exe "[%SYSTEM%]\tntqtnif.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 646c29e9=rundll32.exe "[%SYSTEM%]\ubbfumdh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gefolohapi=Rundll32.exe "[%SYSTEM%]\vivopiye.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kikizonule=Rundll32.exe "[%SYSTEM%]\rurisugo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 24653493=rundll32.exe "[%SYSTEM%]\ltbuuvpp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 24653493=rundll32.exe "[%SYSTEM%]\ksfvcuju.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 483cd214=rundll32.exe "[%SYSTEM%]\grqjlujj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nabezirise=Rundll32.exe "[%SYSTEM%]\vabazaja.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1cbb8b8b=rundll32.exe "[%SYSTEM%]\yluieaok.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b09cc41f=rundll32.exe "[%SYSTEM%]\copxvjrn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d4335e90=rundll32.exe "[%SYSTEM%]\vuetbmsi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 90030767=rundll32.exe "[%SYSTEM%]\mcqgklvv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Njicuhijucivicid=rundll32.exe "[%WINDOWS%]\uxufimifetelag.dll",e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tmapaz=rundll32.exe "[%WINDOWS%]\Ebepo.dll",e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gemufopobi=Rundll32.exe "[%SYSTEM%]\gumiviho.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\awttsTMc.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\geBuSMcA.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fe23bc91=rundll32.exe "[%SYSTEM%]\lfxobcud.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fe23bc91=rundll32.exe "[%SYSTEM%]\lfxobcud.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 70dbfcff=rundll32.exe "[%SYSTEM%]\jlqkiesv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA2D3.exe=[%SYSTEM%]\YURA2D3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9F1C.exe=[%SYSTEM%]\YUR9F1C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9E22.exe=[%SYSTEM%]\YUR9E22.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9F1C.exe=[%SYSTEM%]\YUR9F1C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM3bcd196a=Rundll32.exe "[%SYSTEM%]\lotteodi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR71C5.exe=[%SYSTEM%]\YUR71C5.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8287.exe=[%SYSTEM%]\YUR8287.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB52B.exe=[%SYSTEM%]\YURB52B.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mozojudapu=Rundll32.exe "[%SYSTEM%]\kujejato.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pxofadejuz=rundll32.exe "[%WINDOWS%]\uhafotoce.dll",e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hliraceh=rundll32.exe "[%WINDOWS%]\Jsivuva.dll",e
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\__c0066CA1.dat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f44a9382=rundll32.exe "[%SYSTEM%]\dgvmkldi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMf779a01e=Rundll32.exe "[%SYSTEM%]\bhtdkeyr.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 40197795=rundll32.exe "[%SYSTEM%]\hvenxqkq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c606dbb=rundll32.exe "[%SYSTEM%]\bafbgwhi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mogiluhehe=Rundll32.exe "[%SYSTEM%]\kumiberu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\tuvUMeEW.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ae55773d=rundll32.exe "[%SYSTEM%]\wagtsohn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4bda793=rundll32.exe "[%SYSTEM%]\sisxmslb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Volume Shadow Organizer=nvbsvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kagiruhono=Rundll32.exe "[%SYSTEM%]\vagivoho.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\awtutqPJ.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1a423c60=rundll32.exe "[%PROFILE_TEMP%]\clccvqoi.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\yayvUoLd.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0274ebde=rundll32.exe "[%SYSTEM%]\nyhfftuf.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\tuvTLbca.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR178D.exe=[%SYSTEM%]\YUR178D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCC56.exe=[%SYSTEM%]\YURCC56.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR32BE.exe=[%SYSTEM%]\YUR32BE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR36B6.exe=[%SYSTEM%]\YUR36B6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3196.exe=[%SYSTEM%]\YUR3196.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR36D2.exe=[%SYSTEM%]\YUR36D2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9E05.exe=[%SYSTEM%]\YUR9E05.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR178D.exe=[%SYSTEM%]\YUR178D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9219.exe=[%SYSTEM%]\YUR9219.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR94D8.exe=[%SYSTEM%]\YUR94D8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6BE4.exe=[%SYSTEM%]\YUR6BE4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCC56.exe=[%SYSTEM%]\YURCC56.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4C42.exe=[%SYSTEM%]\YUR4C42.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR32BE.exe=[%SYSTEM%]\YUR32BE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR36B6.exe=[%SYSTEM%]\YUR36B6.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3196.exe=[%SYSTEM%]\YUR3196.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\ssQIYQKB.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\iifebYsQ.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c09ef80a=rundll32.exe "[%SYSTEM%]\fafdvhlj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM8b88a509=Rundll32.exe "[%SYSTEM%]\befmkuml.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, acdecbd6=rundll32.exe "[%SYSTEM%]\ipqouolf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f0eaf6f6=rundll32.exe "[%SYSTEM%]\ffsaqehc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d4335e90=rundll32.exe "[%SYSTEM%]\jugseolq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 38fe2af6=rundll32.exe "[%SYSTEM%]\hwtqyeng.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c8c0986=rundll32.exe "[%SYSTEM%]\tbpialoa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\nnnOiHAP.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM5b95011f=Rundll32.exe "[%SYSTEM%]\fnaocwkj.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48ca7b80=rundll32.exe "[%SYSTEM%]\wayerode.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e87df1bb=rundll32.exe "[%SYSTEM%]\iwytavfo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDAD3.exe=[%SYSTEM%]\YURDAD3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3938.exe=[%SYSTEM%]\YUR3938.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREC9F.exe=[%SYSTEM%]\YUREC9F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR729F.exe=[%SYSTEM%]\YUR729F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6EB9.exe=[%SYSTEM%]\YUR6EB9.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5D42.exe=[%SYSTEM%]\YUR5D42.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR632B.exe=[%SYSTEM%]\YUR632B.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6138.exe=[%SYSTEM%]\YUR6138.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5C29.exe=[%SYSTEM%]\YUR5C29.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 104a7229=rundll32.exe "[%SYSTEM%]\jnjmvkwq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 70dbfcff=rundll32.exe "[%SYSTEM%]\tksjvxyp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 047cbd03=rundll32.exe "[%SYSTEM%]\srcinrkt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c7bf945=rundll32.exe "[%SYSTEM%]\wwqxnxwc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 58f90d51=rundll32.exe "[%SYSTEM%]\agwocrxr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc393d26f=Rundll32.exe "[%SYSTEM%]\tefimija.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0a0e1f3=rundll32.exe "[%SYSTEM%]\nedenodi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 04902149=rundll32.exe "[%SYSTEM%]\vplumxbb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c810868e=rundll32.exe "[%SYSTEM%]\prpkpbcy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Windows OS Function=[%SYSTEM%]\win32osf.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFA93.exe=[%SYSTEM%]\YURFA93.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3E.exe=[%SYSTEM%]\YUR3E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR933B.exe=[%SYSTEM%]\YUR933B.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD44E.exe=[%SYSTEM%]\YURD44E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR99DE.exe=[%SYSTEM%]\YUR99DE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF1FB.exe=[%SYSTEM%]\YURF1FB.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA8CC.exe=[%SYSTEM%]\YURA8CC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2C2E.exe=[%SYSTEM%]\YUR2C2E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD799.exe=[%SYSTEM%]\YURD799.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA83F.exe=[%SYSTEM%]\YURA83F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF22.exe=[%SYSTEM%]\YURAF22.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA340.exe=[%SYSTEM%]\YURA340.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR188.exe=[%SYSTEM%]\YUR188.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR35A.exe=[%SYSTEM%]\YUR35A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF19E.exe=[%SYSTEM%]\YURF19E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA053.exe=[%SYSTEM%]\YURA053.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB385.exe=[%SYSTEM%]\YURB385.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD6BE.exe=[%SYSTEM%]\YURD6BE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cc2b7c8b=rundll32.exe "[%SYSTEM%]\gvidubhv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dunakotiwo=Rundll32.exe "[%SYSTEM%]\pagapobo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR35E.exe=[%SYSTEM%]\YUR35E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR35C.exe=[%SYSTEM%]\YUR35C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR35B.exe=[%SYSTEM%]\YUR35B.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 308c92c2=rundll32.exe "[%SYSTEM%]\aiaohrds.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\nxkfobty.dll",b
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\__c00E7519.dat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 28cebd95=rundll32.exe "[%SYSTEM%]\jhiuhhfc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dcdf04c1=rundll32.exe "[%SYSTEM%]\jtnbmwba.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunAdvanced Uninstaller, 4c3e95f1=rundll32.exe "[%SYSTEM%]\ehnecxhj.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\ddcaBsqn.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fe639eb6=rundll32.exe "[%PROFILE_TEMP%]\turjuxml.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\nnnmLcYq.dll,c
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMfd50ad2a=Rundll32.exe "[%PROFILE_TEMP%]\hvrwyvji.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\peyumupo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d80925f7=rundll32.exe "[%SYSTEM%]\kaibsayq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c3d860f=rundll32.exe "[%SYSTEM%]\ovtrdsmk.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84dc1b83=rundll32.exe "[%SYSTEM%]\hhhocxms.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4328ef6=rundll32.exe "[%SYSTEM%]\jyajoorb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\qoMdCrsR.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4ca0dfa8=rundll32.exe "[%SYSTEM%]\ruojjxkv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, CPM271b912c=Rundll32.exe "[%SYSTEM%]\guniyiyu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 2428a2b0=rundll32.exe "[%SYSTEM%]\zokulabo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, nefuyiweha=Rundll32.exe "[%SYSTEM%]\zunohuwu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMf3c0fe2a=Rundll32.exe "[%SYSTEM%]\zanowapu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, suwiseyubi=Rundll32.exe "[%SYSTEM%]\dorebobo.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2b691e5b=rundll32.exe "[%SYSTEM%]\kgapdpfk.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8faaad2=rundll32.exe "[%SYSTEM%]\oqupekff.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 184a7bc7=rundll32.exe "[%SYSTEM%]\unjroldv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dcd7599e=rundll32.exe "[%SYSTEM%]\dxjmsplj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 063902ae=rundll32.exe "[%SYSTEM%]\wwqboobe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1a5c19dc=rundll32.exe "[%SYSTEM%]\milqtufa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 308f4e7e=rundll32.exe "[%SYSTEM%]\invkrkxi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44cdaf4c=rundll32.exe "[%SYSTEM%]\blwndbkj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM47fe9cd0=Rundll32.exe "[%SYSTEM%]\xhcaunjo.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, userinit=[%APPDATA%]\twext.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMcf184f17=Rundll32.exe "[%SYSTEM%]\btsvthrd.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e48612f0=rundll32.exe "[%PROFILE_TEMP%]\gxoaeiyu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 82633c27=rundll32.exe "[%SYSTEM%]\ailcllng.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1756c8d5=Rundll32.exe "[%SYSTEM%]\duyesedi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1465fb49=rundll32.exe "[%SYSTEM%]\hibunevo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, farihopuda=Rundll32.exe "[%SYSTEM%]\kusihino.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8236957=rundll32.exe "[%SYSTEM%]\uawydhic.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ddCTnkhG.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21766322=rundll32.exe "[%SYSTEM%]\lpyvshpt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 50278cbe=rundll32.exe "[%SYSTEM%]\cspjcagf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 60b77a32=rundll32.exe "[%SYSTEM%]\wujjqhic.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 0461be90=rundll32.exe "[%SYSTEM%]\oikmcttr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c05e471=rundll32.exe "[%SYSTEM%]\nmmunktg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc31cc4fa=Rundll32.exe "[%SYSTEM%]\binupasa.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c02ff766=rundll32.exe "[%SYSTEM%]\lufapote.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kujimafema=Rundll32.exe "[%SYSTEM%]\ribayiro.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48e57ade=rundll32.exe "[%SYSTEM%]\vkaqvidq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR114F.exe=[%SYSTEM%]\YUR114F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF0E.exe=[%SYSTEM%]\YURF0E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB27.exe=[%SYSTEM%]\YURB27.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA0F.exe=[%SYSTEM%]\YURA0F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB68.exe=[%SYSTEM%]\YURB68.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7225.exe=[%SYSTEM%]\YUR7225.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR70AF.exe=[%SYSTEM%]\YUR70AF.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\yayvUOgh.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\xxyYRiff.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d456a19a=rundll32.exe "[%PROFILE_TEMP%]\rohtssti.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\iiFxXRKe.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR85E4.exe=[%SYSTEM%]\YUR85E4.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR75DD.exe=[%SYSTEM%]\YUR75DD.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8B1F.exe=[%SYSTEM%]\YUR8B1F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFF35.exe=[%SYSTEM%]\YURFF35.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREE82.exe=[%SYSTEM%]\YUREE82.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA302.exe=[%SYSTEM%]\YURA302.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9A2C.exe=[%SYSTEM%]\YUR9A2C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD92E.exe=[%SYSTEM%]\YURD92E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR99DF.exe=[%SYSTEM%]\YUR99DF.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9D28.exe=[%SYSTEM%]\YUR9D28.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9BE1.exe=[%SYSTEM%]\YUR9BE1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB192.exe=[%SYSTEM%]\YURB192.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAE09.exe=[%SYSTEM%]\YURAE09.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB50B.exe=[%SYSTEM%]\YURB50B.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURADAC.exe=[%SYSTEM%]\YURADAC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18ef655c=rundll32.exe "[%SYSTEM%]\dpiappcp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18ef655c=rundll32.exe "[%SYSTEM%]\qodycmyw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR41C.exe=[%SYSTEM%]\YUR41C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D4.exe=[%SYSTEM%]\YUR3D4.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D3.exe=[%SYSTEM%]\YUR3D3.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D2.exe=[%SYSTEM%]\YUR3D2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D1.exe=[%SYSTEM%]\YUR3D1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR41C.exe=[%SYSTEM%]\YUR41C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D4.exe=[%SYSTEM%]\YUR3D4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D3.exe=[%SYSTEM%]\YUR3D3.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D2.exe=[%SYSTEM%]\YUR3D2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3D1.exe=[%SYSTEM%]\YUR3D1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMcf9593c4=Rundll32.exe "[%SYSTEM%]\pikunuri.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wewenofegi=Rundll32.exe "[%SYSTEM%]\dewukobe.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 06e45f94=rundll32.exe "[%SYSTEM%]\lwnhncfx.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 7fa86d8e=rundll32.exe "[%SYSTEM%]\iplgrrds.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a00164b2=rundll32.exe "[%SYSTEM%]\goeoohau.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e88b298a=rundll32.exe "[%SYSTEM%]\gjxvqypy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 94dd0c00=rundll32.exe "[%SYSTEM%]\tbaxfxmy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2E.exe=[%SYSTEM%]\YUR2E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2F.exe=[%SYSTEM%]\YUR2F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2E.exe=[%SYSTEM%]\YUR2E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2F.exe=[%SYSTEM%]\YUR2F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR30.exe=[%SYSTEM%]\YUR30.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR30.exe=[%SYSTEM%]\YUR30.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR71D.exe=[%SYSTEM%]\YUR71D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR71D.exe=[%SYSTEM%]\YUR71D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2D.exe=[%SYSTEM%]\YUR2D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2D.exe=[%SYSTEM%]\YUR2D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR191.exe=[%SYSTEM%]\YUR191.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR191.exe=[%SYSTEM%]\YUR191.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, brastk=[%SYSTEM%]\brastk.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, asdasdasdasdasd=RunDll32.exe "[%SYSTEM%]\llllllll.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 68c85976=rundll32.exe "[%SYSTEM%]\iadqhfjs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84d03bdb=rundll32.exe "[%SYSTEM%]\gytyviti.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\vpqoxceo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bisifiporu=Rundll32.exe "[%SYSTEM%]\bolanefi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\fcccbxuU.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 843e6fdd=rundll32.exe "[%SYSTEM%]\fskltngn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44cdaf4c=rundll32.exe "[%SYSTEM%]\kfuvfjrb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM47fe9cd0=Rundll32.exe "[%SYSTEM%]\plykxlrv.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmhw32.rom,pVBRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\holuruti.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\tuhuguhi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc655a79=rundll32.exe "[%SYSTEM%]\nmdnlxdh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0274ebde=rundll32.exe "[%SYSTEM%]\gccgxsdf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\gohwrpiw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21766322=rundll32.exe "[%SYSTEM%]\jmyjwkvs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMff3a9486=Rundll32.exe "[%SYSTEM%]\ferazolu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, merulozesu=Rundll32.exe "[%SYSTEM%]\ruyopaku.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lelihufuyu=Rundll32.exe "[%SYSTEM%]\kimupabe.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM071a8194=Rundll32.exe "[%SYSTEM%]\garayudi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4ca0dfa8=rundll32.exe "[%SYSTEM%]\ypshkoac.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 320d18a1=rundll32.exe "[%SYSTEM%]\fwntsgoh.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\dDstTmMf.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\awttSJBt.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE08.exe=[%SYSTEM%]\YURFE08.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE08.exe=[%SYSTEM%]\YURFE08.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 20cfc636=rundll32.exe "[%SYSTEM%]\usmpdmyu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SearchIndexer=rundll32.exe "[%SYSTEM%]\glkmkemc.dll",sitypnow
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08ac6169=rundll32.exe "[%SYSTEM%]\nkcfchsv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 82633c27=rundll32.exe "[%SYSTEM%]\dqvkepla.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 248cea77=rundll32.exe "[%SYSTEM%]\hrdshixh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 643d8dd6=rundll32.exe "[%SYSTEM%]\cjccqply.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, penewagede=Rundll32.exe "[%SYSTEM%]\zelokore.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, WinUpdating=WinUpdating.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\fCRIccdC.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 90eee558=rundll32.exe "[%SYSTEM%]\xbamuuom.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a0e334a4=rundll32.exe "[%SYSTEM%]\iycmwung.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8ce5068d=rundll32.exe "[%SYSTEM%]\wqiqvooh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f47b1f8d=rundll32.exe "[%SYSTEM%]\mechicrt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\molafabo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\kijafigo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM3fec768d=Rundll32.exe "[%SYSTEM%]\kirenalo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3cdf4511=rundll32.exe "[%SYSTEM%]\ruyopaku.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, karuhizopa=Rundll32.exe "[%SYSTEM%]\rakujotu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54420c27=rundll32.exe "[%SYSTEM%]\eiqtafgh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 68c85976=rundll32.exe "[%SYSTEM%]\latudndq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc6394ff=rundll32.exe "[%SYSTEM%]\xtjjupro.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\tcpeyqyn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21766322=rundll32.exe "[%SYSTEM%]\sqrqqpci.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, __c002DC8C=rundll32.exe "[%PROFILE_TEMP%]\__c002DC8C.dat",B
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\qoMcbAQg.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 33863c47=rundll32.exe "[%SYSTEM%]\wgfgfbjg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5f4951e4=Rundll32.exe "[%SYSTEM%]\bolanefi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\kibubura.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, [%SYSTEM%]\kdbex.exe=[%SYSTEM%]\kdbex.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSServer=rundll32.exe [%SYSTEM%]\efcDVnMc.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7e06e08a=rundll32.exe "[%SYSTEM%]\ooomigoj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc6d609b=rundll32.exe "[%SYSTEM%]\seenktxt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM2711589d=Rundll32.exe "[%SYSTEM%]\wahewozi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 24226b01=rundll32.exe "[%SYSTEM%]\medemovo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zepoduweyi=Rundll32.exe "[%SYSTEM%]\najibite.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 781b8292=rundll32.exe "[%SYSTEM%]\qrhohxba.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d0936c10=rundll32.exe "[%PROFILE_TEMP%]\rcgipvjr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 308f4e7e=rundll32.exe "[%SYSTEM%]\jylmpmkb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a49c13a6=rundll32.exe "[%SYSTEM%]\rnkfnhnl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\higesila.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a40b13e5=rundll32.exe "[%SYSTEM%]\vphlibmc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 04d75719=rundll32.exe "[%SYSTEM%]\jbcqtacj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM07e46485=Rundll32.exe "[%SYSTEM%]\hmqypyit.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc6394ff=rundll32.exe "[%SYSTEM%]\jimwhixg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f8965498=rundll32.exe "[%SYSTEM%]\plgoxcfe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48e57ade=rundll32.exe "[%SYSTEM%]\tvdemtbn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, WindowsRegKey update=winupdate.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsRegKey update=winupdate.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsRegKey update=winupdate.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMd7568b54=Rundll32.exe "[%SYSTEM%]\cipmmhfy.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 64b7c684=rundll32.exe "[%SYSTEM%]\wvxecqal.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b2b97438=rundll32.exe "[%SYSTEM%]\wvjdmavh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84d6fb7f=rundll32.exe "[%SYSTEM%]\kxacoouh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM137996f2=Rundll32.exe "[%SYSTEM%]\resemuzu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 104aa56e=rundll32.exe "[%SYSTEM%]\disogumi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sejasesogu=Rundll32.exe "[%SYSTEM%]\pajuseyu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0b0f35a=rundll32.exe "[%SYSTEM%]\jiqpgojb.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9D7.exe=C:\Windows\system32\YUR9D7.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9AE.exe=C:\Windows\system32\YUR9AE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e440816e=rundll32.exe "[%SYSTEM%]\ujcfnwbo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 423b2b70=rundll32.exe "[%SYSTEM%]\rnpqdkhq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0495efa0=rundll32.exe "[%SYSTEM%]\oyrfxehr.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\qoMcyARk.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 70a1fff1=rundll32.exe "[%PROFILE_TEMP%]\vgvibmgb.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\urqQgfCs.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, igfxtray=[%SYSTEM%]\igfxtray.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Runonce=[%SYSTEM%]\runouce.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR445.exe=[%SYSTEM%]\YUR445.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR444.exe=[%SYSTEM%]\YUR444.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 308f4e7e=rundll32.exe "[%SYSTEM%]\meekwgjg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d8baa8f4=rundll32.exe "[%SYSTEM%]\esxhtbgv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\rqRJBSLD.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\urqRHbCu.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3cb24559=rundll32.exe "[%SYSTEM%]\nmlygpwb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c606dbb=rundll32.exe "[%SYSTEM%]\rfoddoia.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMd3bda391=Rundll32.exe "[%SYSTEM%]\zotemiso.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d08e900d=rundll32.exe "[%SYSTEM%]\puwisuro.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, buvowedido=Rundll32.exe "[%SYSTEM%]\zizatewa.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d08e900d=rundll32.exe "[%SYSTEM%]\lejivaya.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tair="[%PROGRAM_FILES%]\ICROSO~1.NET\ntvdm.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\yugovuji.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\miyovawa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\gebuhobo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\tawagifi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54420c27=rundll32.exe "[%SYSTEM%]\ntkvjfqb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 586d2bdd=rundll32.exe "[%SYSTEM%]\ykhsapao.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 586d2bdd=rundll32.exe "[%SYSTEM%]\hsfpobee.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, LMSESTD=LMSESTD.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, faguyelaju=Rundll32.exe "[%SYSTEM%]\wepozara.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8a58973=rundll32.exe "[%SYSTEM%]\lrpxifcf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 382c0974=rundll32.exe "[%SYSTEM%]\wsiatwyt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hinutukije=Rundll32.exe "[%SYSTEM%]\nirotona.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 848a0cb8=rundll32.exe "[%SYSTEM%]\xoqhlnhf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\byXRifdB.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8c2b26da=rundll32.exe "[%SYSTEM%]\hqbphivj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5f4951e4=Rundll32.exe "[%SYSTEM%]\vigalefe.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM733906a2=Rundll32.exe "[%SYSTEM%]\witcuvru.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\cbXPfETm.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\zewadora.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44b03c81=rundll32.exe "[%SYSTEM%]\geyofebi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a81b6e11=rundll32.exe "[%SYSTEM%]\ansfveta.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4ce22e06=rundll32.exe "[%SYSTEM%]\hibqcsts.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7f38607f=rundll32.exe "[%SYSTEM%]\tquhgtue.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 320d18a1=rundll32.exe "[%SYSTEM%]\ywvijnac.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6cf4e1f6=rundll32.exe "[%SYSTEM%]\rrkvddeu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM776b169c=Rundll32.exe "[%SYSTEM%]\zerefugu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74582500=rundll32.exe "[%SYSTEM%]\lisolazu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM776b169c=Rundll32.exe "[%SYSTEM%]\takihiru.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM776b169c=Rundll32.exe "[%SYSTEM%]\yokanate.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74582500=rundll32.exe "[%SYSTEM%]\hezigotu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 48ebdebd=rundll32.exe "[%SYSTEM%]\kugecvnm.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 946bc470=rundll32.exe "[%SYSTEM%]\ftptcotu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hipumomiri=Rundll32.exe "[%SYSTEM%]\neweyoko.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 30682938=rundll32.exe "[%SYSTEM%]\fysuddkp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a43377a1=rundll32.exe "[%SYSTEM%]\mdwflkdk.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0495efa0=rundll32.exe "[%SYSTEM%]\yywjvssg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 000000af=rundll32.exe "[%SYSTEM%]\uvphelrw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM5398f650=Rundll32.exe "[%SYSTEM%]\bjtvfflj.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1C.exe=[%SYSTEM%]\VIE1C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1C.exe=[%SYSTEM%]\VIE1C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a0122c3d=rundll32.exe "[%SYSTEM%]\rvghxjuy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE5.exe=[%SYSTEM%]\VIE5.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE5.exe=[%SYSTEM%]\VIE5.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1D.exe=[%SYSTEM%]\VIE1D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR42.exe=[%SYSTEM%]\YUR42.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE1D.exe=[%SYSTEM%]\VIE1D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR204.exe=[%SYSTEM%]\YUR204.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR40.exe=[%SYSTEM%]\YUR40.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR40.exe=[%SYSTEM%]\YUR40.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR360D.exe=[%SYSTEM%]\YUR360D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR41.exe=[%SYSTEM%]\YUR41.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR41.exe=[%SYSTEM%]\YUR41.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD12.exe=[%SYSTEM%]\YURAD12.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD12.exe=[%SYSTEM%]\YURAD12.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2C4F.exe=[%SYSTEM%]\YUR2C4F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR29C0.exe=[%SYSTEM%]\YUR29C0.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR253D.exe=[%SYSTEM%]\YUR253D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1EA8.exe=[%SYSTEM%]\YUR1EA8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR89F6.exe=[%SYSTEM%]\YUR89F6.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3928.exe=[%SYSTEM%]\YUR3928.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCFA.exe=[%SYSTEM%]\YURCFA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1FDE.exe=[%SYSTEM%]\YUR1FDE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR19E9.exe=[%SYSTEM%]\YUR19E9.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9BA5.exe=[%SYSTEM%]\YUR9BA5.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9E34.exe=[%SYSTEM%]\YUR9E34.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9CED.exe=[%SYSTEM%]\YUR9CED.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA150.exe=[%SYSTEM%]\YURA150.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2C4F.exe=[%SYSTEM%]\YUR2C4F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR29C0.exe=[%SYSTEM%]\YUR29C0.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR253D.exe=[%SYSTEM%]\YUR253D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1EA8.exe=[%SYSTEM%]\YUR1EA8.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAE.exe=[%SYSTEM%]\YURAE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAE.exe=[%SYSTEM%]\YURAE.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD.exe=[%SYSTEM%]\YURAD.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD.exe=[%SYSTEM%]\YURAD.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR43.exe=[%SYSTEM%]\YUR43.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR42.exe=[%SYSTEM%]\YUR42.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR43.exe=[%SYSTEM%]\YUR43.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR201.exe=[%SYSTEM%]\YUR201.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR202.exe=[%SYSTEM%]\YUR202.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR203.exe=[%SYSTEM%]\YUR203.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF.exe=[%SYSTEM%]\YURAF.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF.exe=[%SYSTEM%]\YURAF.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM57347b8b=Rundll32.exe "[%SYSTEM%]\kkuycuwe.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1835322d=rundll32.exe "[%SYSTEM%]\myoubtfb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sebajomome=Rundll32.exe "[%SYSTEM%]\bafoline.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjgs32.rom,TVMRun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 38730e12=rundll32.exe "[%SYSTEM%]\avedbipa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c04bfca9=rundll32.exe "[%SYSTEM%]\cndvibyh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-Disabled, CPMabb48594=Rundll32.exe "[%SYSTEM%]\popukalu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMabb48594=Rundll32.exe "[%SYSTEM%]\wisahiri.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a887b608=rundll32.exe "[%SYSTEM%]\sukogude.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-Disabled, gohuresaki=Rundll32.exe "[%WINDOWS%]\polelure.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gohuresaki=Rundll32.exe "[%WINDOWS%]\polelure.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BMeb83be85=Rundll32.exe "[%SYSTEM%]\aigiefos.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e82e55d4=rundll32.exe "[%SYSTEM%]\iasquykg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM4302898b=Rundll32.exe "[%SYSTEM%]\gbwduiwr.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ec1ec0a1=rundll32.exe "[%SYSTEM%]\voevaicg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSServer=rundll32.exe [%SYSTEM%]\ssqPfgEV.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\ssqPfgEV.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\jihubazo.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\toyinoki.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjmf32.rom,OBARun
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21721747=rundll32.exe "[%SYSTEM%]\ghdculti.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 78a865a9=rundll32.exe "[%SYSTEM%]\wumeabch.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc0a19e7=rundll32.exe "[%SYSTEM%]\hyblyadr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4de0f1cb=rundll32.exe "[%SYSTEM%]\xsbnxvae.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\byXRkhiJ.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, xi22zpk6=[%SYSTEM%]\xi22zpk6.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, xi22zpk6=[%SYSTEM%]\xi22zpk6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34165f2a=rundll32.exe "[%SYSTEM%]\rbupgdim.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\geBqOiJa.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a4ca993c=rundll32.exe "[%SYSTEM%]\nsygsyso.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Scth="[%APPDATA%]\YSTEM3~1\javaw.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 14b25005=rundll32.exe "[%SYSTEM%]\vmpbdmap.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4de0f1cb=rundll32.exe "[%SYSTEM%]\boymirqn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE21.exe=[%SYSTEM%]\VIE21.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE21.exe=[%SYSTEM%]\VIE21.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\hGvVPjIC.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 20921921=rundll32.exe "[%SYSTEM%]\uspqepxg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8cc43cb=rundll32.exe "[%SYSTEM%]\snxaibqh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\binuvete.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8091977=rundll32.exe "[%SYSTEM%]\maligoha.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54420c27=rundll32.exe "[%SYSTEM%]\yofinjvs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 14d83331=rundll32.exe "[%SYSTEM%]\fbdpdpws.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8e53509=rundll32.exe "[%SYSTEM%]\jllpnxhc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\nazoduse.dll",a
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM47830f1d=Rundll32.exe "[%SYSTEM%]\nazoduse.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44b03c81=rundll32.exe "[%SYSTEM%]\fuwageza.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM9f48a507=Rundll32.exe "[%SYSTEM%]\hupojoyu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c7b969b=rundll32.exe "[%SYSTEM%]\davafuhu.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eaol="[%SYSTEM%]\FNTS~1\spool32.exe" -vt ndrv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48581bcf=rundll32.exe "[%SYSTEM%]\sokofosu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0d2a04c=rundll32.exe "[%SYSTEM%]\mscvwikd.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f467d738=rundll32.exe "[%SYSTEM%]\gylgskfa.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nozoyemewa=Rundll32.exe "[%SYSTEM%]\tafivefi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB0.exe=[%SYSTEM%]\YURB0.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB0.exe=[%SYSTEM%]\YURB0.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM9f47c5a1=Rundll32.exe "[%SYSTEM%]\sgavstbf.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM9f47c5a1=Rundll32.exe "[%SYSTEM%]\sgavstbf.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Scth="[%APPDATA%]\YSTEM3~1\javaw.exe" -vt ndrv
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f893ace5=rundll32.exe "[%SYSTEM%]\eafixcnc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8932e4b=rundll32.exe "[%SYSTEM%]\uppopudg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4847b052=rundll32.exe "[%SYSTEM%]\imtmvvoo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE9F.exe=[%SYSTEM%]\VIE9F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE9F.exe=[%SYSTEM%]\VIE9F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cpl32ver=[%SYSTEM%]\Cpl32ver.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEAC.exe=[%SYSTEM%]\VIEAC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEAB.exe=[%SYSTEM%]\VIEAB.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEAC.exe=[%SYSTEM%]\VIEAC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEA2.exe=[%SYSTEM%]\VIEA2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEA2.exe=[%SYSTEM%]\VIEA2.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE96.exe=[%SYSTEM%]\VIE96.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE96.exe=[%SYSTEM%]\VIE96.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEAB.exe=[%SYSTEM%]\VIEAB.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE87.exe=[%SYSTEM%]\VIE87.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE87.exe=[%SYSTEM%]\VIE87.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEF1.exe=[%SYSTEM%]\VIEF1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIEF1.exe=[%SYSTEM%]\VIEF1.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6.exe=[%SYSTEM%]\YUR6.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6.exe=[%SYSTEM%]\YUR6.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREA14.exe=[%SYSTEM%]\YUREA14.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18B.exe=[%SYSTEM%]\YUR18B.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18C.exe=[%SYSTEM%]\YUR18C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE84.exe=[%SYSTEM%]\VIE84.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wblogon=[%SYSTEM%]\algg.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE7C.exe=[%SYSTEM%]\VIE7C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE7C.exe=[%SYSTEM%]\VIE7C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE85.exe=[%SYSTEM%]\VIE85.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE85.exe=[%SYSTEM%]\VIE85.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE84.exe=[%SYSTEM%]\VIE84.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f43b15ea=rundll32.exe "[%SYSTEM%]\lnjbfall.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 04e0fd8a=rundll32.exe "[%SYSTEM%]\tyknxbha.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 207a12db=rundll32.exe "[%SYSTEM%]\javycqcs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, resozowope=Rundll32.exe "[%SYSTEM%]\torajigu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c606dbb=rundll32.exe "[%SYSTEM%]\ikowemjp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 002d7f3c=rundll32.exe "[%SYSTEM%]\dhwsoowl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 002d7f3c=rundll32.exe "[%SYSTEM%]\ygxedwcf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34317c0b=rundll32.exe "[%SYSTEM%]\jsggdsdq.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7c8aebb6=rundll32.exe "[%PROFILE_TEMP%]\erbhuqjg.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\mLEurOEu.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\opnoomNf.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\pmnoOFur.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMeb3a2aeb=Rundll32.exe "[%SYSTEM%]\wenihubi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE9E.exe=[%SYSTEM%]\VIE9E.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE8A.exe=[%SYSTEM%]\VIE8A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19D.exe=[%SYSTEM%]\VIE19D.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19C.exe=[%SYSTEM%]\VIE19C.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19B.exe=[%SYSTEM%]\VIE19B.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19A.exe=[%SYSTEM%]\VIE19A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE9E.exe=[%SYSTEM%]\VIE9E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE8A.exe=[%SYSTEM%]\VIE8A.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19D.exe=[%SYSTEM%]\VIE19D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19C.exe=[%SYSTEM%]\VIE19C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19B.exe=[%SYSTEM%]\VIE19B.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \VIE19A.exe=[%SYSTEM%]\VIE19A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3cdf0af6=rundll32.exe "[%SYSTEM%]\yimckwun.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 006c8eed=rundll32.exe "[%SYSTEM%]\hebowugi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rukeyopige=Rundll32.exe "[%SYSTEM%]\fasuzele.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 21766322=rundll32.exe "[%SYSTEM%]\meqxqedy.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM313e2b3d=Rundll32.exe "[%SYSTEM%]\uklinsjm.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM4b8b6e53=Rundll32.exe "[%SYSTEM%]\wepejapu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 48b85dcf=rundll32.exe "[%SYSTEM%]\tepidike.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tetihudana=Rundll32.exe "[%SYSTEM%]\bukatake.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 085d88d1=rundll32.exe "[%SYSTEM%]\xpyvrxfh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM9f48a507=Rundll32.exe "[%SYSTEM%]\remebeyi.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c7b969b=rundll32.exe "[%SYSTEM%]\tisuleto.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6804114e=rundll32.exe "[%SYSTEM%]\kpcefnas.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fc1d1599=rundll32.exe "[%SYSTEM%]\wnrjpcie.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE85F.exe=[%SYSTEM%]\YURE85F.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE459.exe=[%SYSTEM%]\YURE459.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE2A4.exe=[%SYSTEM%]\YURE2A4.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fe0ec3b7=rundll32.exe "[%PROFILE_TEMP%]\dgwymqgp.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ddcCUlIB.dll,c
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\awtsPIcb.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM776b169c=Rundll32.exe "[%SYSTEM%]\lohulatu.dll",a
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74582500=rundll32.exe "[%SYSTEM%]\wekavube.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d0e7c92f=rundll32.exe "[%SYSTEM%]\jtpdoenp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fce2b320=rundll32.exe "[%SYSTEM%]\mcptyjap.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yoyewumuli=Rundll32.exe "[%SYSTEM%]\wudepuve.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ec8eff52=rundll32.exe "[%SYSTEM%]\lopedeza.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zudakotaso=Rundll32.exe "[%SYSTEM%]\gidohanu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 65c4b349=rundll32.exe "[%SYSTEM%]\wiwijadu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, putesakapi=Rundll32.exe "[%SYSTEM%]\gohifodi.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Esrs="[%PROGRAM_FILES%]\ICROSO~1.NET\smss.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0803f8b9=rundll32.exe "[%SYSTEM%]\qjypntnk.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b88181d4=rundll32.exe "[%SYSTEM%]\phuewuny.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\yayaBRIA.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, xizkdufw="[%LOCAL_APPDATA%]\xizkdufw.exe" xizkdufw
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fojorosobu=Rundll32.exe "[%SYSTEM%]\vogapasa.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84129acd=rundll32.exe "[%SYSTEM%]\leforoju.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM3e1146b6=Rundll32.exe "[%SYSTEM%]\coseftnh.dll",s
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR17.exe=[%SYSTEM%]\YUR17.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR16.exe=[%SYSTEM%]\YUR16.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15.exe=[%SYSTEM%]\YUR15.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR14.exe=[%SYSTEM%]\YUR14.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4C2.exe=[%SYSTEM%]\YUR4C2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4C2.exe=[%SYSTEM%]\YUR4C2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURADC.exe=[%SYSTEM%]\YURADC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2AB.exe=[%SYSTEM%]\YUR2AB.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR927.exe=[%SYSTEM%]\YUR927.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR927.exe=[%SYSTEM%]\YUR927.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2AA.exe=[%SYSTEM%]\YUR2AA.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2A9.exe=[%SYSTEM%]\YUR2A9.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR87EC.exe=[%SYSTEM%]\YUR87EC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD37.exe=[%SYSTEM%]\YURD37.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8A16.exe=[%SYSTEM%]\YUR8A16.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURADC.exe=[%SYSTEM%]\YURADC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5AC.exe=[%SYSTEM%]\YUR5AC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR87EC.exe=[%SYSTEM%]\YUR87EC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD37.exe=[%SYSTEM%]\YURD37.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8A16.exe=[%SYSTEM%]\YUR8A16.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5AC.exe=[%SYSTEM%]\YUR5AC.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e409fb3f=rundll32.exe "[%SYSTEM%]\pbmqswue.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 320d18a1=rundll32.exe "[%SYSTEM%]\yhprebrc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dc9049bf=rundll32.exe "[%SYSTEM%]\voaujqoe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ec5f6b56=rundll32.exe "[%SYSTEM%]\hcjckcrw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b888e04b=rundll32.exe "[%SYSTEM%]\zuyijuli.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yewakajahe=Rundll32.exe "[%SYSTEM%]\fawazife.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5cc9cd71=rundll32.exe "[%SYSTEM%]\rbmdjffb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcae5473=rundll32.exe "[%SYSTEM%]\zehubedu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nalenonawa=Rundll32.exe "[%SYSTEM%]\sihiyadu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 083fbb19=rundll32.exe "[%SYSTEM%]\hrniqwqs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\yayaYrqN.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2BB.exe=[%SYSTEM%]\YUR2BB.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2A8.exe=[%SYSTEM%]\YUR2A8.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c84b1dcf=rundll32.exe "[%SYSTEM%]\fneavopp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMcb782e53=Rundll32.exe "[%SYSTEM%]\fmqyuwfx.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44ef57ec=rundll32.exe "[%SYSTEM%]\imtgqfjh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 31d0f1f3=rundll32.exe "[%SYSTEM%]\tarisprc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e0425126=rundll32.exe "[%SYSTEM%]\hkorqaln.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 40c9475e=rundll32.exe "[%SYSTEM%]\rtpudkph.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 40c9475e=rundll32.exe "[%SYSTEM%]\eyjfqmvf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c11b3c9=rundll32.exe "[%SYSTEM%]\mukrfdor.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9c11b3c9=rundll32.exe "[%SYSTEM%]\tudxjwdv.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8492472d=rundll32.exe "[%SYSTEM%]\idfvcmrj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 14112a7d=rundll32.exe "[%SYSTEM%]\wwnvmece.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1052693e=rundll32.exe "[%SYSTEM%]\txxqkgnj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f08f3f0c=rundll32.exe "[%SYSTEM%]\fubuveva.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zotidonufa=Rundll32.exe "[%SYSTEM%]\gomuliwe.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1465f118=rundll32.exe "[%SYSTEM%]\jlocqchf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1465f118=rundll32.exe "[%SYSTEM%]\npjtgsqt.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF40.exe=[%SYSTEM%]\YURF40.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF3A.exe=[%SYSTEM%]\YURF3A.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF39.exe=[%SYSTEM%]\YURF39.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF38.exe=[%SYSTEM%]\YURF38.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF37.exe=[%SYSTEM%]\YURF37.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34d2ab3e=rundll32.exe "[%SYSTEM%]\kedojodu.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zezirebito=Rundll32.exe "[%SYSTEM%]\sivitidu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8faaad2=rundll32.exe "[%SYSTEM%]\vfidnehk.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Aosr="[%PERSONAL%]\FNTS~1\msdtc.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f00b0a61=rundll32.exe "[%SYSTEM%]\vnknoupf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54a58e5f=rundll32.exe "[%SYSTEM%]\ytrcekou.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cc69a2ac=rundll32.exe "[%SYSTEM%]\uowxdqcs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 58b52312=rundll32.exe "[%SYSTEM%]\ftaorhan.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 7c26f92a=rundll32.exe "[%SYSTEM%]\owppqwdh.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tair="[%WINDOWS%]\YMBOLS~1\ping.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4244e27=rundll32.exe "[%SYSTEM%]\hogvtuqx.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, puyavazeji=Rundll32.exe "[%SYSTEM%]\suhireje.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f0e739a0=rundll32.exe "[%SYSTEM%]\rofqlqxl.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84129acd=rundll32.exe "[%SYSTEM%]\firogafi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gesulevuba=Rundll32.exe "[%SYSTEM%]\zirifaye.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kunevimeno=Rundll32.exe "[%SYSTEM%]\gobewowi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f415da3d=rundll32.exe "[%SYSTEM%]\jmlsdmpj.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 982352d9=rundll32.exe "[%PROFILE_TEMP%]\qndolndh.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\awtQgGvs.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\urQgFxUk.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\fccaYRIB.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bc5aa0b2=rundll32.exe "[%SYSTEM%]\xscfyfbp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fc11af52=rundll32.exe "[%SYSTEM%]\krlikeji.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 80ec1fd8=rundll32.exe "[%SYSTEM%]\ugtdtcws.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 4cd1405d=rundll32.exe "[%SYSTEM%]\wkcufrse.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 70e7c2e8=rundll32.exe "[%SYSTEM%]\jxsbsvej.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4b9e7fb=rundll32.exe "[%SYSTEM%]\gadvcfkf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4515194=rundll32.exe "[%SYSTEM%]\scciexxc.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 08f9541f=rundll32.exe "[%SYSTEM%]\ufaasdqj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b409de5d=rundll32.exe "[%SYSTEM%]\kfplkevj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44567d01=rundll32.exe "[%SYSTEM%]\wtgpvsab.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM431c3c0a=Rundll32.exe "[%SYSTEM%]\kwkhrhcy.dll",s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\__c007F53C.dat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 84a42689=rundll32.exe "[%SYSTEM%]\erhyksxq.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d07268fd=rundll32.exe "[%SYSTEM%]\gvfbllgs.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c606dbb=rundll32.exe "[%SYSTEM%]\jdfeoexe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f0b2231e=rundll32.exe "[%SYSTEM%]\jitubiyi.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, povenenomu=Rundll32.exe "[%SYSTEM%]\nutuhunu.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e0d512fa=rundll32.exe "[%SYSTEM%]\zefugabe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, delajomoji=Rundll32.exe "[%SYSTEM%]\lugibifi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 58f66f85=rundll32.exe "[%SYSTEM%]\felazako.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d489b796=rundll32.exe "[%SYSTEM%]\oqadafxr.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 904760ac=rundll32.exe "[%SYSTEM%]\wlvymudo.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5c01cfc2=rundll32.exe "[%SYSTEM%]\qimtjvtq.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uaol="[%PROGRAM_FILES_COMMON%]\YMBOLS~1\services.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1c407d58=rundll32.exe "[%SYSTEM%]\ydypandm.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a0fb588a=rundll32.exe "[%SYSTEM%]\sjxwwqox.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 166d0793=rundll32.exe "[%SYSTEM%]\haaphohw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\tuvUMdBU.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM155e340f=Rundll32.exe "[%SYSTEM%]\rdvjdtrf.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, 18a016c9=rundll32.exe "[%SYSTEM%]\cxuucbds.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 20766e43=rundll32.exe "[%SYSTEM%]\upihjsgm.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, e0d545c9=rundll32.exe "[%SYSTEM%]\qonyhrth.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 24eee6d8=rundll32.exe "[%SYSTEM%]\tysodiha.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 44cdaf4c=rundll32.exe "[%SYSTEM%]\wnkllcbp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM47fe9cd0=Rundll32.exe "[%SYSTEM%]\xptimyau.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 43a2ad84=rundll32.exe "[%SYSTEM%]\wbgmsuoe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 4c606dbb=rundll32.exe "[%SYSTEM%]\rirpqsrn.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\opnlIywT.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b8a3cf0b=rundll32.exe "[%SYSTEM%]\wguegxfe.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 64a996e4=rundll32.exe "[%SYSTEM%]\soorjtvf.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM679aa578=Rundll32.exe "[%SYSTEM%]\wcbemnnt.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0f6f319=rundll32.exe "[%SYSTEM%]\jdvgwauh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, boriwetuve=Rundll32.exe "[%SYSTEM%]\savobaro.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3820d004=rundll32.exe "[%SYSTEM%]\rqtvltmj.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9cda1c8f=rundll32.exe "[%SYSTEM%]\iyuqqbmg.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunAdvanced Uninstaller, 4c3e797a=rundll32.exe "[%SYSTEM%]\ijevqwmp.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34550551=rundll32.exe "[%SYSTEM%]\bypspjut.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2c24e32d=rundll32.exe "[%SYSTEM%]\otukialn.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%SYSTEM_DRIVE%]\Temp\wvUoLBSm.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\nnnLcddE.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM_DRIVE%]\Temp\urQiIcYQ.dll,#1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0037d35d=rundll32.exe "[%SYSTEM%]\usonruei.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74aed5e4=rundll32.exe "[%SYSTEM%]\ccrsirft.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, f0ac9eec=rundll32.exe "[%SYSTEM%]\lynlsgdb.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 80dffeba=rundll32.exe "[%SYSTEM%]\cgjpsums.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0037d35d=rundll32.exe "[%SYSTEM%]\gfvobcar.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e0a80270=rundll32.exe "[%SYSTEM%]\evcttbqh.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8c8e20ab=rundll32.exe "[%SYSTEM%]\miccuupw.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 2016be9e=rundll32.exe "[%SYSTEM%]\gwlknbna.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\cbXRLbYs.dll,c
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\pmnnNhhE.dll,#1
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Aida="[%PROGRAM_FILES%]\SSTEM~1\taskmgr.exe" -vt yazb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kunudefiyi=Rundll32.exe "[%SYSTEM%]\dihefomi.dll",s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6cf4e1f6=rundll32.exe "[%SYSTEM%]\shlnlrer.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6cf4e1f6=rundll32.exe "[%SYSTEM%]\jwcgajyn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fce2b320=rundll32.exe "[%SYSTEM%]\lmkpuaot.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, e81409d8=rundll32.exe "[%SYSTEM%]\nayhclya.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 6c798d75=rundll32.exe "[%SYSTEM%]\mivaqgyn.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9878f506=rundll32.exe "[%SYSTEM%]\fkoycnor.dll",b
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a00164b2=rundll32.exe "[%SYSTEM%]\ckprnqma.dll",b
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6DBF.exe=[%SYSTEM%]\YUR6DBF.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6009.exe=[%SYSTEM%]\YUR6009.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1C.exe=[%SYSTEM%]\YUR1C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB51B.exe=[%SYSTEM%]\YURB51B.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR64DA.exe=[%SYSTEM%]\YUR64DA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA311.exe=[%SYSTEM%]\YURA311.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1D.exe=[%SYSTEM%]\YUR1D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5E74.exe=[%SYSTEM%]\YUR5E74.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3004.exe=[%SYSTEM%]\YUR3004.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR310E.exe=[%SYSTEM%]\YUR310E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1E.exe=[%SYSTEM%]\YUR1E.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF80.exe=[%SYSTEM%]\YURAF80.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA7E2.exe=[%SYSTEM%]\YURA7E2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA5C0.exe=[%SYSTEM%]\YURA5C0.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA13D.exe=[%SYSTEM%]\YURA13D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE58D.exe=[%SYSTEM%]\YURE58D.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9C0.exe=[%SYSTEM%]\YUR9C0.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR10B2.exe=[%SYSTEM%]\YUR10B2.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD00.exe=[%SYSTEM%]\YURAD00.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD49C.exe=[%SYSTEM%]\YURD49C.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15C1.exe=[%SYSTEM%]\YUR15C1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBF19.exe=[%SYSTEM%]\YURBF19.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9E7F.exe=[%SYSTEM%]\YUR9E7F.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3A8.exe=[%SYSTEM%]\YUR3A8.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15F0.exe=[%SYSTEM%]\YUR15F0.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8999.exe=[%SYSTEM%]\YUR8999.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8EA7.exe=[%SYSTEM%]\YUR8EA7.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8EA7.exe=[%SYSTEM%]\YUR8EA7.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8999.exe=[%SYSTEM%]\YUR8999.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7CEC.exe=[%SYSTEM%]\YUR7CEC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3DDA.exe=[%SYSTEM%]\YUR3DDA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR44BC.exe=[%SYSTEM%]\YUR44BC.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR93D5.exe=[%SYSTEM%]\YUR93D5.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFF92.exe=[%SYSTEM%]\YURFF92.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9EED.exe=[%SYSTEM%]\YUR9EED.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9CBB.exe=[%SYSTEM%]\YUR9CBB.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCD8B.exe=[%SYSTEM%]\YURCD8B.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7242.exe=[%SYSTEM%]\YUR7242.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9923.exe=[%SYSTEM%]\YUR9923.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4A1.exe=[%SYSTEM%]\YUR4A1.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE90.exe=[%SYSTEM%]\YURE90.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR95C9.exe=[%SYSTEM%]\YUR95C9.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA794.exe=[%SYSTEM%]\YURA794.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR147.exe=[%SYSTEM%]\YUR147.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB402.exe=[%SYSTEM%]\YURB402.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4B13.exe=[%SYSTEM%]\YUR4B13.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR35EE.exe=[%SYSTEM%]\YUR35EE.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR38FA.exe=[%SYSTEM%]\YUR38FA.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8A73.exe=[%SYSTEM%]\YUR8A73.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7944.exe=[%SYSTEM%]\YUR7944.exe
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Window