Top 10 Alerts
Latest 10 Malware Files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleData=rundll32.exe "[%LOCAL_APPDATA%]\Google\GoogleData\Googledata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleData=rundll32.exe "[%LOCAL_APPDATA%]\Google\GoogleData\Googledata.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfoqadisay=rundll32.exe "[%LOCAL_APPDATA%]\iqovohiyesupaho.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfoqadisay=rundll32.exe "[%LOCAL_APPDATA%]\iqovohiyesupaho.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrso32.rom,iFYcMqbt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ApplicationHistoryData=rundll32.exe "[%LOCAL_APPDATA%]\ApplicationHistory\ApplicationHistoryData\ApplicationHistorydata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ThunderbirdData=rundll32.exe "[%LOCAL_APPDATA%]\Thunderbird\ThunderbirdData\Thunderbirddata.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ApplicationHistoryData=rundll32.exe "[%LOCAL_APPDATA%]\ApplicationHistory\ApplicationHistoryData\ApplicationHistorydata.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ThunderbirdData=rundll32.exe "[%LOCAL_APPDATA%]\Thunderbird\ThunderbirdData\Thunderbirddata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ApplicationHistoryData=rundll32.exe "[%LOCAL_APPDATA%]\ApplicationHistory\ApplicationHistoryData\ApplicationHistorydata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ThunderbirdData=rundll32.exe "[%LOCAL_APPDATA%]\Thunderbird\ThunderbirdData\Thunderbirddata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mafekuvomi=Rundll32.exe "[%SYSTEM%]\lunapigi.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mafekuvomi=Rundll32.exe "[%SYSTEM%]\lunapigi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsuvoye=rundll32.exe "[%LOCAL_APPDATA%]\aqakukasegadav.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwes32.rom,MLilFU
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, metavevitu=Rundll32.exe "[%SYSTEM%]\kalepopo.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, metavevitu=Rundll32.exe "[%SYSTEM%]\kalepopo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleVerifierPolicy=rundll32.exe "[%COMMON_APPDATA%]\GoogleVerifierPolicy.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3dfe3d95-3680-4e9e-844e-a6aa800b58e5}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, binerikit={3dfe3d95-3680-4e9e-844e-a6aa800b58e5}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ac775dde-9e8d-4c8e-8954-882b3d22d577}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zadejufar={ac775dde-9e8d-4c8e-8954-882b3d22d577}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {183807b8-bc07-48a2-8dad-abc96fa6c7a8}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzve32.rom,clpWGR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\efcARjJC.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windjg32.rom,vtuBjaDnQQvb
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fjuve=rundll32.exe "[%WINDOWS%]\anixixoyenevud.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {91223de9-f8e6-4ffd-8889-be6784c18696}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ywile=rundll32.exe "[%LOCAL_APPDATA%]\eyuhexopak.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxuv32.rom,dbUAUQ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bd6d3576-9e54-4760-ba09-a917d135750e}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winipx32.rom,SSKxLG
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhxc32.rom,uuLDTgHlX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ynolihax=rundll32.exe "[%LOCAL_APPDATA%]\iwepowije.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {3CCDF8CE-C339-4DD6-AD4F-CA7230C7E2F2}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\jkkICvVo.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, romuvayipi=Rundll32.exe "[%SYSTEM%]\dirasawu.dll",s
- HKEY_USERS\S-1-5-21-3754821460-248018840-3167915498-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, romuvayipi=Rundll32.exe "[%SYSTEM%]\dirasawu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxhv32.rom,ElrQTB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpbz32.rom,LQxwbHdsDcL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dteluco=rundll32.exe "[%WINDOWS%]\oduzegosulize.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Update=rundll32.exe "[%APPDATA%]\Creative\Creative\vhtqyfeya.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xsutarezatecuxi=rundll32.exe "[%WINDOWS%]\ayizebufisawanul.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwcu32.rom,COuRJnhGHyw
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, delosoneme=Rundll32.exe "[%SYSTEM%]\gijamore.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, delosoneme=Rundll32.exe "[%SYSTEM%]\gijamore.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM1b3b2cbc=Rundll32.exe "[%SYSTEM%]\fozehuka.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 18081f20=rundll32.exe "[%SYSTEM%]\hosezora.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gmuyoz=rundll32.exe "[%WINDOWS%]\atadudibot.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {12F02779-6D88-4958-8AD3-83C12D86ADC7}=00
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {75abcf92-9764-4dfa-a83f-5142c3905052}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleVerifierNotifier=rundll32.exe "[%COMMON_APPDATA%]\AppleVerifierNotifier.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lviviquwej=rundll32.exe "[%LOCAL_APPDATA%]\ilezidohugilidu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olarawoyu=rundll32.exe "[%LOCAL_APPDATA%]\alitetab.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkmh32.rom,PMjsOEKA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 13251753=rundll32.exe "[%SYSTEM%]\vaumdtkq.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM101624cf=Rundll32.exe "[%SYSTEM%]\tfxyuqoo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winojm32.rom,EsfkEH
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bd3c6f7c-6c8d-48f6-ac52-5e4071aeb257}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ayekepoquqo=rundll32.exe "[%LOCAL_APPDATA%]\obesogol.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleNotifierProfile=rundll32.exe "[%COMMON_APPDATA%]\AppleNotifierProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkui32.rom,RUXgEuDuzS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxTrayVerifier=rundll32.exe "[%COMMON_APPDATA%]\DirectxTrayVerifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winina32.rom,UIklSNDR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winggf32.rom,ganUfYOrs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljifcbsys=rundll32.exe "[%PROFILE_TEMP%]\hgdbcb.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khgdaasys=rundll32.exe "[%PROFILE_TEMP%]\hgdbcb.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khgdaasys=rundll32.exe "[%PROFILE_TEMP%]\hgdbcb.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winycx32.rom,UGAuaZTg
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoma32.rom,USpWcxtnhTBr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 8adc617b=rundll32.exe "[%PROFILE_TEMP%]\yysghrwu.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\qomLccaw.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxTrayManager=rundll32.exe "[%COMMON_APPDATA%]\DirectxTrayManager.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {007c0568-5eeb-45a1-be86-10aa7beab6bb}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlrf32.rom,FOOhPLmv
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hjowopevog=rundll32.exe "[%WINDOWS%]\aribubovidogosix.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hwihubeqovuzi=rundll32.exe "[%LOCAL_APPDATA%]\uhecimafeyut.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Alanewejoguxabo=rundll32.exe "[%LOCAL_APPDATA%]\mste32.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vgumadoqene=rundll32.exe "[%LOCAL_APPDATA%]\imekiten.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vgumadoqene=rundll32.exe "[%LOCAL_APPDATA%]\imekiten.dll",Startup
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\pojabese.dll [%SYSTEM%]\yoletepu.dll
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bihayojima=Rundll32.exe "[%SYSTEM%]\pozimadu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bihayojima=Rundll32.exe "[%SYSTEM%]\pozimadu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a6c54318-5ac7-477d-b0a7-49af5189300c}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hsajizire=rundll32.exe "[%WINDOWS%]\ahuyayiyohuyaga.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsServiceManager=rundll32.exe "[%COMMON_APPDATA%]\WindowsServiceManager.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsdk32.rom,RSGpzLARh
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kojomawona=Rundll32.exe "[%SYSTEM%]\yifiroso.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kojomawona=Rundll32.exe "[%SYSTEM%]\yifiroso.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {ed120d76-bf31-412c-a99b-783c6676e128}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6a6eae1b-4ad6-4035-974d-504d6dbaa9c3}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {299b5fac-2168-4a5d-a67d-aa4c8f8055da}=
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F56315E.exe=[%PROFILE_TEMP%]\_A00F56315E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvbr32.rom,RArmPiBoO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\yayxvwuu.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlfo32.rom,NznPPBPqyf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrjr32.rom,dJupNdEhxA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {9b904910-78a4-489d-a825-5111b883a5b2}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleData=rundll32.exe "[%LOCAL_APPDATA%]\Apple Computer\AppleData\Appledata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleVerifierOnline=rundll32.exe "[%COMMON_APPDATA%]\AppleVerifierOnline.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tmaxovoxanetix=rundll32.exe "[%WINDOWS%]\ofopuqazef.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, urroposys=rundll32.exe "fccbby.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bywwvvsys=rundll32.exe "fccbby.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bywwvvsys=rundll32.exe "fccbby.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaManagerUpdate=rundll32.exe "[%COMMON_APPDATA%]\JavaManagerUpdate.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardOnlineNotifier=rundll32.exe "[%COMMON_APPDATA%]\KeyboardOnlineNotifier.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ulokelijo=rundll32.exe "[%WINDOWS%]\uxizazohecewewec.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sbuzoqanejobec=rundll32.exe "[%WINDOWS%]\uyusogik.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fbumusiwojiyerez=rundll32.exe "[%WINDOWS%]\dasdsi.dll",Startup
- HKEY_USERS\S-1-5-21-102147630-3795618141-3721044537-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fbumusiwojiyerez=rundll32.exe "[%WINDOWS%]\dasdsi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, 000000af=rundll32.exe "[%SYSTEM%]\lcydshjg.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaServiceProfile=rundll32.exe "[%COMMON_APPDATA%]\JavaServiceProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrv32.rom,CeiGTeZwNqVF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnor32.rom,SfwlPvHqKfs
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxtq32.rom,feNKQf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfc32.rom,ahnQBJsU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fb40d31a-b1f8-47ea-bc54-d27ddb475978}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfurulec=rundll32.exe "[%WINDOWS%]\ohiyacik.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jqemeduzubo=rundll32.exe "[%LOCAL_APPDATA%]\ewihipenoxok.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Izetodobuvoge=rundll32.exe "[%LOCAL_APPDATA%]\mstz32.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bf0ca4fc-6378-4062-b546-3cde8a28b1e0}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSSMSGS=rundll32.exe winckn32.rom,OBaLscTEt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pximamerih=rundll32.exe "[%LOCAL_APPDATA%]\acuhaxiq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxManagerUpdate=rundll32.exe "[%COMMON_APPDATA%]\DirectxManagerUpdate.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winssh32.rom,JoXipqhrsRcr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxTrayProfile=rundll32.exe "[%COMMON_APPDATA%]\DirectxTrayProfile.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4848e79=rundll32.exe "[%SYSTEM%]\pwdhwyev.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dsiyamavesazu=rundll32.exe "[%LOCAL_APPDATA%]\CDFRPrim.dll",Startup
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%SYSTEM_DRIVE%]\Users\kbarnes\AppData\Local\Microsoft Help\MicrosoftData\Microsoftdata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%SYSTEM_DRIVE%]\Users\kbarnes\AppData\Local\Microsoft Help\MicrosoftData\Microsoftdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintas32.rom,wHpzBVthZueD
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleBackupOnline=rundll32.exe "[%COMMON_APPDATA%]\AppleBackupOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winifz32.rom,vOfozT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Shihibuxidet=rundll32.exe "[%LOCAL_APPDATA%]\okayovoxanetix.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%LOCAL_APPDATA%]\Microsoft Games\MicrosoftData\Microsoftdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ApplePolicyBackup=rundll32.exe "[%COMMON_APPDATA%]\ApplePolicyBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrv32.rom,BpwJoV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqdd32.rom,EHxbZkN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayBackupOnline=rundll32.exe "[%COMMON_APPDATA%]\DisplayBackupOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvsh32.rom,WoybiCxbUvd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nvabuma=rundll32.exe "[%LOCAL_APPDATA%]\itecoxicak.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseNotifierBackup=rundll32.exe "[%COMMON_APPDATA%]\MouseNotifierBackup.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {487C9905-26A8-42C8-8033-C58AD3D2AEC3}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqre32.rom,JFIWsBifuFV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hrokorecew=rundll32.exe "[%LOCAL_APPDATA%]\ugatoyaqogunewuc.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mqeqamosarevegub=rundll32.exe "[%LOCAL_APPDATA%]\osohejon.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintvo32.rom,bCSpuu
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ESETData=rundll32.exe "[%LOCAL_APPDATA%]\ESET\ESETData\ESETdata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ESETData=rundll32.exe "[%LOCAL_APPDATA%]\ESET\ESETData\ESETdata.DLL",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mogiluhehe=Rundll32.exe "vafiduzu.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mogiluhehe=Rundll32.exe "vafiduzu.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AdobeData=rundll32.exe "[%LOCAL_APPDATA%]\Adobe\AdobeData\Adobedata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AdobeData=rundll32.exe "[%LOCAL_APPDATA%]\Adobe\AdobeData\Adobedata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwss32.rom,WTGoYhEvoX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winojq32.rom,ElYlaBm
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rgivibuxer=rundll32.exe "[%WINDOWS%]\ababohidozotu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vurodurey=Rundll32.exe "[%SYSTEM%]\jobavito.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwuq32.rom,pmKGyFqXet
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Acipulu=rundll32.exe "[%WINDOWS%]\ahuzodul.dll",Startup
- HKEY_USERS\S-1-5-21-3524676778-1629685829-75031530-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Acipulu=rundll32.exe "[%WINDOWS%]\ahuzodul.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayOnlineProfile=rundll32.exe "[%COMMON_APPDATA%]\DisplayOnlineProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hgfcbxaudio=rundll32.exe "[%PROFILE_TEMP%]\effdcy.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardManagerPolicy=rundll32.exe "[%COMMON_APPDATA%]\KeyboardManagerPolicy.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PowerDVDData=rundll32.exe "[%LOCAL_APPDATA%]\PowerDVD DX\PowerDVDData\PowerDVDdata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PowerDVDData=rundll32.exe "[%LOCAL_APPDATA%]\PowerDVD DX\PowerDVDData\PowerDVDdata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkhn32.rom,pndYCzEFkwJB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuiw32.rom,dFWMUltqU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cpotunicapaqe=rundll32.exe "[%WINDOWS%]\ocelekoconisi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hqadicuvuh=rundll32.exe "[%WINDOWS%]\evenaqafoto.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, niliberavo=Rundll32.exe "[%SYSTEM%]\toturobe.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, niliberavo=Rundll32.exe "[%SYSTEM%]\toturobe.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlwaysNeatData=rundll32.exe "[%LOCAL_APPDATA%]\AlwaysNeat\AlwaysNeatData\AlwaysNeatdata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlwaysNeatData=rundll32.exe "[%LOCAL_APPDATA%]\AlwaysNeat\AlwaysNeatData\AlwaysNeatdata.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wabazujuk=Rundll32.exe "[%SYSTEM%]\buyaneju.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, howulaniru=Rundll32.exe "nizedage.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0c2372d6-de70-4599-83d8-2f7eca2b2983}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, liworusod={0c2372d6-de70-4599-83d8-2f7eca2b2983}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ae4e3ba6-f3ce-49d4-a859-93b11ee09aa8}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tazilonah={ae4e3ba6-f3ce-49d4-a859-93b11ee09aa8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5a1d7561-e0fa-4b1a-9bd9-2b515c09fc4a}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zubonukas={5a1d7561-e0fa-4b1a-9bd9-2b515c09fc4a}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {744a2f9f-b02d-471e-9870-d6c510e01361}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kijokebil={744a2f9f-b02d-471e-9870-d6c510e01361}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmyb32.rom,JJTnqmZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxqa32.rom,lFWYGIawEpv
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {e9383002-fc55-4330-b9c9-67e03bc5c840}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseOnlineNotifier=rundll32.exe "[%COMMON_APPDATA%]\MouseOnlineNotifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windco32.rom,hOtrLdvZJ
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsProfileUpdate=rundll32.exe "[%COMMON_APPDATA%]\WindowsProfileUpdate.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsProfileUpdate=rundll32.exe "[%COMMON_APPDATA%]\WindowsProfileUpdate.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaTrayOnline=rundll32.exe "[%COMMON_APPDATA%]\JavaTrayOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IntelVerifierOnline=rundll32.exe "[%COMMON_APPDATA%]\IntelVerifierOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCHealthData=rundll32.exe "[%LOCAL_APPDATA%]\PCHealth\PCHealthData\PCHealthdata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DownloadedData=rundll32.exe "[%LOCAL_APPDATA%]\Downloaded Installations\DownloadedData\Downloadeddata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wasebujivi=Rundll32.exe "[%SYSTEM%]\mobesagi.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wasebujivi=Rundll32.exe "[%SYSTEM%]\mobesagi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Norton=rundll32.exe "[%LOCAL_APPDATA%]\Temp\TempUpdate\Tempupdt32.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,nsuRgoWsG
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqhx32.rom,iqwZoma
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tnikuhifu=rundll32.exe "[%WINDOWS%]\ikecatofo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkep32.rom,mkLfMov
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CAPCOMData=rundll32.exe "[%LOCAL_APPDATA%]\CAPCOM\CAPCOMData\CAPCOMdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GooglePolicyService=rundll32.exe "[%COMMON_APPDATA%]\GooglePolicyService.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {97f7302a-147c-4435-901c-184375993be6}=
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\seruyone.dll,[%SYSTEM%]\vipuliji.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uyotuhe=rundll32.exe "[%WINDOWS%]\opoxacumiru.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardManagerManager="rundll32.exe" "[%COMMON_APPDATA%]\KeyboardManagerManager.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhwz32.rom,JZZpHZR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppsData=rundll32.exe "[%LOCAL_APPDATA%]\Apps\AppsData\Appsdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,WeGOXEi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseProfileManager=rundll32.exe "[%COMMON_APPDATA%]\MouseProfileManager.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaOnlinePolicy=rundll32.exe "[%COMMON_APPDATA%]\JavaOnlinePolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hewlett-PackardData=rundll32.exe "[%LOCAL_APPDATA%]\Hewlett-Packard\Hewlett-PackardData\Hewlett-Packarddata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlienData=rundll32.exe "[%LOCAL_APPDATA%]\Alien Skin\AlienData\Aliendata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayBackupBackup=rundll32.exe "[%COMMON_APPDATA%]\DisplayBackupBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugx32.rom,hHAeDl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windly32.rom,HJThQRbjjpw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, {93156864-4CC9-430E-95D3-E728C9E82443}Data=rundll32.exe "[%LOCAL_APPDATA%]\{93156864-4CC9-430E-95D3-E728C9E82443}\{93156864-4CC9-430E-95D3-E728C9E82443}Data\{93156864-4CC9-430E-95D3-E728C9E82443}data.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseServiceProfile=rundll32.exe "[%COMMON_APPDATA%]\MouseServiceProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayVerifierVerifier=rundll32.exe "[%COMMON_APPDATA%]\DisplayVerifierVerifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DiagnosticsData=rundll32.exe "[%LOCAL_APPDATA%]\Diagnostics\DiagnosticsData\Diagnosticsdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PokerStarsData=rundll32.exe "[%LOCAL_APPDATA%]\PokerStars\PokerStarsData\PokerStarsdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxBackupUpdate=rundll32.exe "[%COMMON_APPDATA%]\DirectxBackupUpdate.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmnllidrv=rundll32.exe "wvturs.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmnllidrv=rundll32.exe "wvturs.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, opomnosys=rundll32.exe "mlifdd.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, opomnosys=rundll32.exe "mlifdd.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MirillisData=rundll32.exe "[%LOCAL_APPDATA%]\Mirillis\MirillisData\Mirillisdata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vijalizofi=Rundll32.exe "[%SYSTEM%]\todorulo.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vijalizofi=Rundll32.exe "[%SYSTEM%]\todorulo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IntelTrayBackup=rundll32.exe "[%COMMON_APPDATA%]\IntelTrayBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnbw32.rom,EVbDXIXFVGIE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleTrayBackup=rundll32.exe "[%COMMON_APPDATA%]\GoogleTrayBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardOnlineService=rundll32.exe "[%COMMON_APPDATA%]\KeyboardOnlineService.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbhl32.rom,IXpFBjW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpan32.rom,yTgRPeLF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ChromiumData=rundll32.exe "[%LOCAL_APPDATA%]\Chromium\ChromiumData\Chromiumdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AdobeData=rundll32.exe "[%LOCAL_APPDATA%]\Adobe\AdobeData\Adobedata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsPolicyBackup=rundll32.exe "[%COMMON_APPDATA%]\WindowsPolicyBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%LOCAL_APPDATA%]\Microsoft\MicrosoftData\Microsoftdata.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%LOCAL_APPDATA%]\Microsoft\MicrosoftData\Microsoftdata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftData=rundll32.exe "[%LOCAL_APPDATA%]\Microsoft\MicrosoftData\Microsoftdata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaManagerOnline=rundll32.exe "[%COMMON_APPDATA%]\JavaManagerOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IntelServiceProfile=rundll32.exe "[%COMMON_APPDATA%]\IntelServiceProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GraboidData=rundll32.exe "[%LOCAL_APPDATA%]\Graboid\GraboidData\Graboiddata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqcc32.rom,mumDNVsG
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpbm32.rom,vpKopOwro
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaNotifierUpdate=rundll32.exe "[%COMMON_APPDATA%]\JavaNotifierUpdate.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleData=rundll32.exe "[%LOCAL_APPDATA%]\Apple Computer\AppleData\Appledata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleData=rundll32.exe "[%LOCAL_APPDATA%]\Apple Computer\AppleData\Appledata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfnw32.rom,BnhDDdvMn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsNotifierManager=rundll32.exe "[%COMMON_APPDATA%]\WindowsNotifierManager.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ATIData=rundll32.exe "[%LOCAL_APPDATA%]\ATI\ATIData\ATIdata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftProfilePolicy=rundll32.exe "[%COMMON_APPDATA%]\MicrosoftProfilePolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleData=rundll32.exe "[%LOCAL_APPDATA%]\Apple\AppleData\Appledata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseVerifierPolicy=rundll32.exe "[%COMMON_APPDATA%]\MouseVerifierPolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yzunakobilob=rundll32.exe "[%WINDOWS%]\mfadp71.dll",Startup
- HKEY_USERS\S-1-5-21-3576196792-201331441-2595127562-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yzunakobilob=rundll32.exe "[%WINDOWS%]\mfadp71.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseProfileUpdate=rundll32.exe "[%COMMON_APPDATA%]\MouseProfileUpdate.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\fagometo.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MozillaData=rundll32.exe "[%LOCAL_APPDATA%]\Mozilla\MozillaData\Mozilladata.DLL",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MozillaData=rundll32.exe "[%LOCAL_APPDATA%]\Mozilla\MozillaData\Mozilladata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MozillaData=rundll32.exe "[%LOCAL_APPDATA%]\Mozilla\MozillaData\Mozilladata.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgn32.rom,qAlRXdStD
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmws32.rom,QQkSmwcVEz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jbinu=rundll32.exe "[%LOCAL_APPDATA%]\wsqe32.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hogupitero=Rundll32.exe "[%SYSTEM%]\zinefowo.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hogupitero=Rundll32.exe "[%SYSTEM%]\zinefowo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwpr32.rom,yGcafNKCR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingzj32.rom,yXmCpCijS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleManagerPolicy=rundll32.exe "[%COMMON_APPDATA%]\AppleManagerPolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayBackupService=rundll32.exe "[%COMMON_APPDATA%]\DisplayBackupService.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AIMData=rundll32.exe "[%LOCAL_APPDATA%]\AIM\AIMData\AIMdata.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AIMData=rundll32.exe "[%LOCAL_APPDATA%]\AIM\AIMData\AIMdata.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AIMData=rundll32.exe "[%LOCAL_APPDATA%]\AIM\AIMData\AIMdata.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bywvuusys=rundll32.exe "efddcy.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bywvuusys=rundll32.exe "efddcy.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuwofomope=Rundll32.exe "[%SYSTEM%]\japidahu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuwofomope=Rundll32.exe "[%SYSTEM%]\japidahu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM5b0080ad=Rundll32.exe "[%SYSTEM%]\davotudo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5833b331=rundll32.exe "[%SYSTEM%]\rahuziti.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tetayaremi=Rundll32.exe "[%SYSTEM%]\begimepo.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tetayaremi=Rundll32.exe "[%SYSTEM%]\begimepo.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tetayaremi=Rundll32.exe "[%SYSTEM%]\begimepo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardProfileManager=rundll32.exe "[%COMMON_APPDATA%]\KeyboardProfileManager.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f4002052-ab29-4b33-8c8d-0e99084564ec}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfc32.rom,gfDuUiHUj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuttrqsys=rundll32.exe "dddabb.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bywtutaudio=rundll32.exe "tutuut.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mlmkhgsys=rundll32.exe "dddabb.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmlkljsys=rundll32.exe "xxxvwu.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mlmkhgsys=rundll32.exe "dddabb.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmlkljsys=rundll32.exe "xxxvwu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftUpdateUpdate=rundll32.exe "[%COMMON_APPDATA%]\MicrosoftUpdateUpdate.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardTrayNotifier="rundll32.exe" "[%COMMON_APPDATA%]\KeyboardTrayNotifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ctovidequb=rundll32.exe "[%LOCAL_APPDATA%]\utitucej.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wnaba=rundll32.exe "[%WINDOWS%]\ifulutejefifinoh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wtatexo=rundll32.exe "[%WINDOWS%]\mc32rntm.dll",Startup
- HKEY_USERS\S-1-5-21-89959435-1463879939-270321066-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wtatexo=rundll32.exe "[%WINDOWS%]\mc32rntm.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuhy32.rom,TgWYFgGQs
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardTrayNotifier=rundll32.exe "[%COMMON_APPDATA%]\KeyboardTrayNotifier.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sdacaq=rundll32.exe "[%WINDOWS%]\izocivir.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, reyayipag=Rundll32.exe "[%SYSTEM%]\giyesewu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {40d3b2d6-7daa-4aa0-bbbe-f531c36f849e}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nujunudid={40d3b2d6-7daa-4aa0-bbbe-f531c36f849e}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardUpdateBackup=rundll32.exe "[%COMMON_APPDATA%]\KeyboardUpdateBackup.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Akibodowuraf=rundll32.exe "[%WINDOWS%]\wistis25.dll",Startup
- HKEY_USERS\S-1-5-21-3370877026-254659933-4046316696-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Akibodowuraf=rundll32.exe "[%WINDOWS%]\wistis25.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, {07B697F8-6AA4-410D-A9C6-3C3D22D69D91}Data=rundll32.exe "[%LOCAL_APPDATA%]\{07B697F8-6AA4-410D-A9C6-3C3D22D69D91}\{07B697F8-6AA4-410D-A9C6-3C3D22D69D91}Data\{07B697F8-6AA4-410D-A9C6-3C3D22D69D91}data.DLL",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayProfileManager=rundll32.exe "[%COMMON_APPDATA%]\DisplayProfileManager.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74cbd913=rundll32.exe "[%SYSTEM%]\gtjhblvp.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM77f8ea8f=Rundll32.exe "[%SYSTEM%]\akplhcbd.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardServiceTray=rundll32.exe "[%COMMON_APPDATA%]\KeyboardServiceTray.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConexantData=rundll32.exe "[%LOCAL_APPDATA%]\Conexant\ConexantData\Conexantdata.DLL",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {c108ae59-c97f-4517-8b74-5590be3c2a82}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fffb03ad-a461-4b99-9a23-d3b127d7c995}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxProfilePolicy=rundll32.exe "[%COMMON_APPDATA%]\DirectxProfilePolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftServiceTray=rundll32.exe "[%COMMON_APPDATA%]\MicrosoftServiceTray.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ALI213Data=rundll32.exe "[%LOCAL_APPDATA%]\ALI213\ALI213Data\ALI213data.dll",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ALI213Data=rundll32.exe "[%LOCAL_APPDATA%]\ALI213\ALI213Data\ALI213data.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ALI213Data=rundll32.exe "[%LOCAL_APPDATA%]\ALI213\ALI213Data\ALI213data.dll",DllRegisterServer
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, podunegefe=Rundll32.exe "[%SYSTEM%]\dolaribe.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, podunegefe=Rundll32.exe "[%SYSTEM%]\dolaribe.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jdegelufiwuzozaw=rundll32.exe "[%LOCAL_APPDATA%]\axicoxicak.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkcz32.rom,uZvYNE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nkoza=rundll32.exe "[%LOCAL_APPDATA%]\utplatpi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsNotifierUpdate=rundll32.exe "[%COMMON_APPDATA%]\WindowsNotifierUpdate.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yqejar=rundll32.exe "[%WINDOWS%]\ajupagid.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleVerifierService=rundll32.exe "[%COMMON_APPDATA%]\AppleVerifierService.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS="rundll32.exe" winhsx32.rom,KGzPmIaas
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiwq32.rom,wEjYrjm
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxkg32.rom,nzcnZk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,TxpbjyJ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ctuxe=rundll32.exe "[%WINDOWS%]\anuyomeb.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cdemimelumo=rundll32.exe "[%WINDOWS%]\didpioc.dll",Startup
- HKEY_USERS\S-1-5-21-117609710-261903793-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cdemimelumo=rundll32.exe "[%WINDOWS%]\didpioc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjdi32.rom,utuLOyEH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbtn32.rom,tgzRtjlyIe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseNotifierNotifier=rundll32.exe "[%COMMON_APPDATA%]\MouseNotifierNotifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlnw32.rom,OGCWDqnzxDcV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsjl32.rom,rPxsSD
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMbb6d32d7=Rundll32.exe "[%SYSTEM%]\votojoye.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b85e014b=rundll32.exe "[%SYSTEM%]\tazofehu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gatoyukaru=Rundll32.exe "[%SYSTEM%]\yagerumu.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gatoyukaru=Rundll32.exe "[%SYSTEM%]\yagerumu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gatoyukaru=Rundll32.exe "[%SYSTEM%]\yagerumu.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F9D572.exe=[%PROFILE_TEMP%]\_A00F9D572.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzzt32.rom,yxjDMNC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineii32.rom,nXZChynN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyoo32.rom,JuQqOXGb
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaBackupPolicy=rundll32.exe "[%COMMON_APPDATA%]\JavaBackupPolicy.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwuq32.rom,aSaebMWh
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {b6e95516-27c0-443d-9ba9-abd8c12bae16}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincui32.rom,ZvPfDkuhtzD
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DisplayNotifierManager=rundll32.exe "[%COMMON_APPDATA%]\DisplayNotifierManager.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpqf32.rom,lgMLyLOLv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wdapi=rundll32.exe "[%LOCAL_APPDATA%]\icahahurozec.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Etuzowijehu=rundll32.exe "[%LOCAL_APPDATA%]\KBDMAJ.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {8e1bfc0e-8ad2-424d-ac8a-06038481516e}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfnw32.rom,TxpbjyJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\cbXRLBSJ.dll,#1
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\kunuzavi.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Drevo=rundll32.exe "[%LOCAL_APPDATA%]\ecujuxuges.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a260787b-911c-49a1-ae73-ec76a3cec27e}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbpu32.rom,kBvLSleOQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windnp32.rom,kBvLSleOQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigi32.rom,xGZiQKkd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windwl32.rom,fEQRnzNn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvhw32.rom,otJDPjbOnYFp
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\lepefihi.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Npahixaxeteted=rundll32.exe "[%WINDOWS%]\edazeqeq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {4a041f13-a111-12a3-b0cf-f99818aa68a4}=zxmsawin.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {40940f85-f015-14f1-a05f-f69858ac6d04}=zptlbsys.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {3319a1f1-9410-9654-3201-345ffa349133}=zywmcime.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {328df602-9541-a985-210a-984a698c6f23}=ptjhchlp.dll
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, holalewawe=Rundll32.exe "[%SYSTEM%]\bezayedo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleBackupVerifier=rundll32.exe "[%COMMON_APPDATA%]\AppleBackupVerifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, IntelVerifierTray=rundll32.exe "[%COMMON_APPDATA%]\IntelVerifierTray.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConduitData=rundll32.exe "[%LOCAL_APPDATA%]\Conduit\ConduitData\Conduitdata.DLL",DllRegisterServer
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConduitData=rundll32.exe "[%LOCAL_APPDATA%]\Conduit\ConduitData\Conduitdata.DLL",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConduitData=rundll32.exe "[%LOCAL_APPDATA%]\Conduit\ConduitData\Conduitdata.DLL",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {c4f31a60-d2c7-4b22-ace9-ae33c94d7316}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugy32.rom,YtwomiST
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseProfileProfile=rundll32.exe "[%COMMON_APPDATA%]\MouseProfileProfile.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AatrixData=rundll32.exe "[%LOCAL_APPDATA%]\Aatrix Software\AatrixData\Aatrixdata.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSSMSGS=rundll32.exe winvkl32.rom,TgXhisMZuy
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, opqpolsys=rundll32.exe "nnooml.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnmnnlsys=rundll32.exe "nnooml.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljijiisys=rundll32.exe "opollj.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmnlkisys=rundll32.exe "ddddeb.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, byyxwxsys=rundll32.exe "iifddb.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnmnnlsys=rundll32.exe "nnooml.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljijiisys=rundll32.exe "opollj.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmnlkisys=rundll32.exe "ddddeb.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, byyxwxsys=rundll32.exe "iifddb.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winebv32.rom,UTuDuUCr
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mwuficuzu=rundll32.exe "[%WINDOWS%]\osuzeqeq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f0ba0854-9d72-4958-9c33-6f4b4f6fe805}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlik32.rom,CVnFxAuEyu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, JavaBackupOnline=rundll32.exe "[%COMMON_APPDATA%]\JavaBackupOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Crimibofaxa=rundll32.exe "[%LOCAL_APPDATA%]\emekobil.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hzufo=rundll32.exe "[%LOCAL_APPDATA%]\ekoxelayotevok.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winssh32.rom,ckHydeeyYh
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincbe32.rom,gPpZFhjtAOhY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Emolafecuf=rundll32.exe "[%WINDOWS%]\ejafesujoxumu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardTrayTray=rundll32.exe "[%COMMON_APPDATA%]\KeyboardTrayTray.dll",DllRegisterServer
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gajuvahiri=Rundll32.exe "[%SYSTEM%]\nolomipu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gajuvahiri=Rundll32.exe "[%SYSTEM%]\nolomipu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbln32.rom,GkCRAdxtcCw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MicrosoftManagerOnline=rundll32.exe "[%COMMON_APPDATA%]\MicrosoftManagerOnline.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqyu32.rom,ckHTOSEOdjRt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hedemorah=Rundll32.exe "[%SYSTEM%]\rozeveze.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Azaziquwejulatiw=rundll32.exe "[%LOCAL_APPDATA%]\ibiholuhuziqizo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmgy32.rom,NzFhMnF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxhs32.rom,UjIuqDXnHBk
- HKEY_USERS\S-1-5-21-222085943-1485656132-3896622948-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mtimupapoxu=rundll32.exe "[%WINDOWS%]\iouonkbr.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lawisudoze=Rundll32.exe "hujepaka.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d1e67da5-cce4-4fd0-89c2-062ac412bfc9}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, konuvolow={d1e67da5-cce4-4fd0-89c2-062ac412bfc9}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {07e59255-b8d4-46ae-b7c9-f2a4cd905285}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pihotafon={07e59255-b8d4-46ae-b7c9-f2a4cd905285}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d9ffeb06-173c-4406-8264-38cf4b97a61d}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hezabaded={d9ffeb06-173c-4406-8264-38cf4b97a61d}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a49013a7-1b49-4169-8268-02e6c05e1c6c}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, donimavib={a49013a7-1b49-4169-8268-02e6c05e1c6c}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4ac28aba-7a87-4d19-b432-3d54c0fdf1c9}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bemokeyug={4ac28aba-7a87-4d19-b432-3d54c0fdf1c9}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8f919eef-adc3-4aee-8807-948703635fc0}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hibitufig={8f919eef-adc3-4aee-8807-948703635fc0}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f52a0df4-ad36-4133-90c4-e8174e282aec}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, junonoven={f52a0df4-ad36-4133-90c4-e8174e282aec}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {475ee81f-ab3d-4f85-8bf7-a543d8dd41e2}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, juheyuvef={475ee81f-ab3d-4f85-8bf7-a543d8dd41e2}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ed74d302-8bb8-4e23-a99d-48e6375ee8c4}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sowajakis={ed74d302-8bb8-4e23-a99d-48e6375ee8c4}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c2bc0271-964c-4f8e-a7fd-d28729f02d3a}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zimasanun={c2bc0271-964c-4f8e-a7fd-d28729f02d3a}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {14092dbd-9291-47e8-bd19-87bb04fa15c3}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yuvetobuh={14092dbd-9291-47e8-bd19-87bb04fa15c3}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {90c7b1cc-12f2-4508-8fe4-7d17d8760268}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yakufival={90c7b1cc-12f2-4508-8fe4-7d17d8760268}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4e80fe97-a96d-4e73-8f3f-70b6a9a52cd8}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kazuvuyeg={4e80fe97-a96d-4e73-8f3f-70b6a9a52cd8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c7499200-3340-44fd-a7a7-0547e2574283}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tegugeyif={c7499200-3340-44fd-a7a7-0547e2574283}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9f423916-8d95-4223-aabf-c9cccd3022d9}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gulekatit={9f423916-8d95-4223-aabf-c9cccd3022d9}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {241afe4b-3e47-4fc1-8a3d-deeef671d5ad}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dafulozit={241afe4b-3e47-4fc1-8a3d-deeef671d5ad}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {98c75180-4b0e-4d9a-9373-66c114ffd1de}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zumosezuw={98c75180-4b0e-4d9a-9373-66c114ffd1de}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5bc33684-cf40-4e7b-b19a-a895fc53d232}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hinowuyeg={5bc33684-cf40-4e7b-b19a-a895fc53d232}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7b1bdd21-96f9-429f-9516-fc27cfc1b1dc}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jigafevot={7b1bdd21-96f9-429f-9516-fc27cfc1b1dc}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {95c01508-346f-4a72-bfc1-d9f6a569ca89}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, peduyegam={95c01508-346f-4a72-bfc1-d9f6a569ca89}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {75408f08-9db5-4795-b243-3b1c4aa5c1a0}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pofipinur={75408f08-9db5-4795-b243-3b1c4aa5c1a0}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {74f13262-6f4b-4118-9276-118f90001184}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, guvawaney={74f13262-6f4b-4118-9276-118f90001184}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d9044241-738e-4eda-bac9-699e0f1f3619}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, misewekef={d9044241-738e-4eda-bac9-699e0f1f3619}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7cbe1eca-f59b-4b0e-b1d9-84b7d6c28051}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zigukokig={7cbe1eca-f59b-4b0e-b1d9-84b7d6c28051}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {514cdd17-61cd-4271-b9a1-98292b42eff8}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jolozoken={514cdd17-61cd-4271-b9a1-98292b42eff8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {207c7990-1851-4659-aa77-ad8a969ad79c}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fabiwirab={207c7990-1851-4659-aa77-ad8a969ad79c}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f8fffbef-3f6f-4657-a376-df413e9f1fbc}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sujeteyud={f8fffbef-3f6f-4657-a376-df413e9f1fbc}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {91683a15-dce4-42bc-aaa0-42f05a5489e2}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, telarahup={91683a15-dce4-42bc-aaa0-42f05a5489e2}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {06c03db9-a529-4954-be09-72f3c3c91f09}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pesikigom={06c03db9-a529-4954-be09-72f3c3c91f09}
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lawisudoze=Rundll32.exe "hujepaka.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lawisudoze=Rundll32.exe "hujepaka.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MouseUpdateNotifier=rundll32.exe "[%COMMON_APPDATA%]\MouseUpdateNotifier.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleManagerTray=rundll32.exe "[%COMMON_APPDATA%]\GoogleManagerTray.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winurk32.rom,feNKQf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingoy32.rom,dxyvsOlXATtS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, GoogleData=rundll32.exe "[%LOCAL_APPDATA%]\Google\GoogleData\Googledata.DLL",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fjabukinemerokon=rundll32.exe "[%WINDOWS%]\ateqiqejejo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Udiyik=rundll32.exe "[%WINDOWS%]\ouies32.dll",Startup
- HKEY_USERS\S-1-5-21-2932023578-1518623008-3492543899-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Udiyik=rundll32.exe "[%WINDOWS%]\ouies32.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvvc32.rom,uuQqtnSBDk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbgo32.rom,kyOEbVUNL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingas32.rom,rfZqhWns
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DirectxOnlinePolicy=rundll32.exe "[%COMMON_APPDATA%]\DirectxOnlinePolicy.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hafudehuf=Rundll32.exe "[%SYSTEM%]\yibavisu.dll",a
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA576AAA.exe=[%PROFILE_TEMP%]\_A00FA576AAA.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA5675FF.exe=[%PROFILE_TEMP%]\_A00FA5675FF.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA5631B0.exe=[%PROFILE_TEMP%]\_A00FA5631B0.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugx32.rom,OGHotJYzXAds
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kvorimogoy=rundll32.exe "[%LOCAL_APPDATA%]\instri.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, KeyboardBackupVerifier=rundll32.exe "[%COMMON_APPDATA%]\KeyboardBackupVerifier.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bcc73622-f72d-4277-803c-d65565a0947f}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vponedugu=rundll32.exe "[%LOCAL_APPDATA%]\axofajel.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,mdxlwcHxTPQT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WindowsOnlineUpdate=rundll32.exe "[%COMMON_APPDATA%]\WindowsOnlineUpdate.dll",DllRegisterServer
Scan your system registry for FREE
CURIOLAB S.M.B.A., Amagertorv 15, 2, 1160 Copenhagen K, Denmark, +45.36965533