Top 10 virus alerts
Latest 10 malware files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wasiyadis=Rundll32.exe "[%SYSTEM%]\rezizafo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c79b7fff-c638-41b1-a721-ade7c4b22e10}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, ruhaboped={c79b7fff-c638-41b1-a721-ade7c4b22e10}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {75e57392-ff2b-4fa9-a2c1-70ef8c425a75}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wabelavok={75e57392-ff2b-4fa9-a2c1-70ef8c425a75}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Msubese=rundll32.exe "[%WINDOWS%]\aputivolubu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yigotatis=Rundll32.exe "[%SYSTEM%]\joweyiba.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {20f9e49f-ee98-4393-9148-9846f45c120c}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yesehirov={20f9e49f-ee98-4393-9148-9846f45c120c}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, riferizik=Rundll32.exe "[%SYSTEM%]\pajohebu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5c27a5bd-458d-449d-9d6c-ef38c63fdcc5}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vugoreguk={5c27a5bd-458d-449d-9d6c-ef38c63fdcc5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tatehuyen=Rundll32.exe "[%SYSTEM%]\gigiweme.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {bfd239b4-e34c-4200-b10e-2345b67590fe}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jogazuzak={bfd239b4-e34c-4200-b10e-2345b67590fe}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dkodixipab=rundll32.exe "[%WINDOWS%]\adipakuk.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, votugedope=Rundll32.exe "[%SYSTEM%]\pihimuha.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rijemezav=Rundll32.exe "[%SYSTEM%]\pubufuhu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, doyosulana=Rundll32.exe "fuwoduke.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {6a4b1324-d758-442d-8464-2521a9783092}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, goluzefus={6a4b1324-d758-442d-8464-2521a9783092}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zafofovom=Rundll32.exe "[%SYSTEM%]\sodubudu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e3707fe8-2aa7-4c95-94f8-7dde3a52aa07}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bepikutuf={e3707fe8-2aa7-4c95-94f8-7dde3a52aa07}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteControl=[%SYSTEM%]\rmctrl.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f9df827a-8fa7-48a3-b268-ca4db563ea40}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\bepesata.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5b070eea-74c2-4b14-a004-02a723d9c743}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fuzabefad={5b070eea-74c2-4b14-a004-02a723d9c743}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f56aedc0-c79f-4283-9e40-3d4955ae7f89}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yodevugiz={f56aedc0-c79f-4283-9e40-3d4955ae7f89}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hogeneviz=Rundll32.exe "[%SYSTEM%]\woyobizi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7ad5806f-2b34-4393-8d53-9406f9012db9}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pufokuwuj={7ad5806f-2b34-4393-8d53-9406f9012db9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, newuzihad=Rundll32.exe "[%SYSTEM%]\paloyihi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ed49b6ea-bd36-483d-8134-b25e4d698a91}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tovifuhuh={ed49b6ea-bd36-483d-8134-b25e4d698a91}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, huyalolupo=Rundll32.exe "[%SYSTEM%]\miwafelo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lahisabat=Rundll32.exe "[%SYSTEM%]\mivohilu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mehayetoy=Rundll32.exe "[%SYSTEM%]\busivapo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {47f60eae-7ba6-470b-9169-80f1a15fe546}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, povevipob={47f60eae-7ba6-470b-9169-80f1a15fe546}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mehayetoy=Rundll32.exe "[%SYSTEM%]\tebudati.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {15f87a05-f80b-4d1f-b88d-abd2b9cf8544}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zedenipul={15f87a05-f80b-4d1f-b88d-abd2b9cf8544}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nuruselib=Rundll32.exe "[%SYSTEM%]\zetayuno.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {143f8eb7-5180-40df-b7c3-9984fe7bfa96}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, parimazuh={143f8eb7-5180-40df-b7c3-9984fe7bfa96}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1837BCD.exe=[%PROFILE_TEMP%]\_A00F1837BCD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkml32.rom,mfInHW
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, depolelok=Rundll32.exe "[%SYSTEM%]\kewukeba.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hamifeyuy=Rundll32.exe "[%SYSTEM%]\mijejabe.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {37e58aad-0519-4325-844c-f1893bccc0c7}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sofegozew={37e58aad-0519-4325-844c-f1893bccc0c7}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wivovewej=Rundll32.exe "[%COMMON_APPDATA%]\kafufigu\kafufigu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wivovewej=Rundll32.exe "[%COMMON_APPDATA%]\kafufigu\kafufigu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kemiposoz=Rundll32.exe "[%SYSTEM%]\sanivoru.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kemiposoz=Rundll32.exe "[%SYSTEM%]\sanivoru.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kemiposoz=Rundll32.exe "[%SYSTEM%]\sesavadu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {faf58da1-b92f-48a1-bbeb-3236e15d938d}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vogituvoy={faf58da1-b92f-48a1-bbeb-3236e15d938d}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9f94c6d3-6ea0-4df7-837a-d1aaca0305e9}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fafehaduh={9f94c6d3-6ea0-4df7-837a-d1aaca0305e9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zodupisab=Rundll32.exe "[%SYSTEM%]\remebeyi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {974b4d3b-29be-45cc-875f-54e66eebf9db}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, webalejev={974b4d3b-29be-45cc-875f-54e66eebf9db}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ccetic=rundll32.exe "[%WINDOWS%]\irobiweyifegizut.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sorukohota=Rundll32.exe "vofimove.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hpozetahefozuj=rundll32.exe "[%WINDOWS%]\ulunawozavu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\tuvWopmM.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, d6f0c991=rundll32.exe "[%PROFILE_TEMP%]\auqplrmq.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ssqQjKaW.dll,c
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wopinitev=Rundll32.exe "[%SYSTEM%]\pivojobe.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fac935e8-0b04-4b95-b1b6-1caabd7ecd88}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hatelimim={fac935e8-0b04-4b95-b1b6-1caabd7ecd88}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zafofovom=Rundll32.exe "[%SYSTEM%]\wovidale.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {364e3d25-55f1-409a-9860-d88608ea0776}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, milevaput={364e3d25-55f1-409a-9860-d88608ea0776}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lopivasam=Rundll32.exe "[%SYSTEM%]\dokanisu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {cfc61729-27f7-4772-a200-7595a736e640}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vivepusun={cfc61729-27f7-4772-a200-7595a736e640}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\dezifamu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {55959844-a604-4d54-beb3-9ea71e069f23}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zurofevab={55959844-a604-4d54-beb3-9ea71e069f23}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\kuwibipa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8b9201a4-579e-4fba-a987-100026c50644}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wesuyivos={8b9201a4-579e-4fba-a987-100026c50644}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, loyabitit=Rundll32.exe "[%SYSTEM%]\hinuhilu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {295cc927-826c-46ec-966a-23d4607e0a29}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kopoladom={295cc927-826c-46ec-966a-23d4607e0a29}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Icuse=rundll32.exe "[%LOCAL_APPDATA%]\otijovapu.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mabuyubida=Rundll32.exe "[%SYSTEM%]\torelire.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gojakahuh=Rundll32.exe "[%SYSTEM%]\kisojaze.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ba8d6669-e310-486c-a621-86263b10e2ec}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, forugitit={ba8d6669-e310-486c-a621-86263b10e2ec}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hofalovup=Rundll32.exe "[%SYSTEM%]\maremapa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d94a639a-c370-49a5-9f30-880bcc69e203}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kajegubaf={d94a639a-c370-49a5-9f30-880bcc69e203}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM775c9cba=Rundll32.exe "[%SYSTEM%]\heyehupi.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fudofomohe=Rundll32.exe "[%SYSTEM%]\jakegetu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MS Juan=rundll32 "[%PROFILE_TEMP%]\dhxpfk.dll",run
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yewubekepu=Rundll32.exe "[%SYSTEM%]\volizita.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yewubekepu=Rundll32.exe "[%SYSTEM%]\volizita.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winina32.rom,KxqBLj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rem rundll32.exe winsqx32.rom,gmlwcqkoEE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rcejayid=rundll32.exe "[%WINDOWS%]\axuqibuzixuqo.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lobajepum=Rundll32.exe "[%SYSTEM%]\wevigala.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {acc93aeb-1572-4e3e-8e80-d8621efce25a}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gikebosek={acc93aeb-1572-4e3e-8e80-d8621efce25a}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {beb6a03c-406c-4f96-b691-f5e9179de935}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gohijowuj={beb6a03c-406c-4f96-b691-f5e9179de935}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7d8d8ad2-31fe-42dd-af4b-52b09ad323c5}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yohilevuz={7d8d8ad2-31fe-42dd-af4b-52b09ad323c5}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {99dfd05e-7e55-41d1-9d18-8e439f43a551}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, neviyiyup={99dfd05e-7e55-41d1-9d18-8e439f43a551}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, serisejeh=Rundll32.exe "[%SYSTEM%]\sawuzowu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f977c685-b3d0-48c3-a59f-a08bc1598857}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wowofobot={f977c685-b3d0-48c3-a59f-a08bc1598857}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {b3102264-d09d-4322-b625-503fbf18dd7e}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {99C158B9-FA74-4E49-971E-708F37B235D7}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sapuniyaw=Rundll32.exe "[%SYSTEM%]\lujetifi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {dc5171de-79d0-4ae9-b2c6-2a32454879c1}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dozonemum={dc5171de-79d0-4ae9-b2c6-2a32454879c1}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lopivasam=Rundll32.exe "[%SYSTEM%]\kivigoru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3a715e9e-6f51-4724-858d-40197a99e28e}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lidazovip={3a715e9e-6f51-4724-858d-40197a99e28e}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, refukidif=Rundll32.exe "[%SYSTEM%]\lupasuso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fba2d888-4ab8-48b0-afd3-c774075578b9}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, maborekef={fba2d888-4ab8-48b0-afd3-c774075578b9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lgebuhelico=rundll32.exe "[%WINDOWS%]\aninomozolo.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\tanovivo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3cf7e2e6-4a6a-4e94-9a52-b83049af601c}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yuhuzonut={3cf7e2e6-4a6a-4e94-9a52-b83049af601c}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5c098890-efc4-4ec9-b1e5-b4b930e6f984}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, firuwakaw={5c098890-efc4-4ec9-b1e5-b4b930e6f984}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, piyivanem=Rundll32.exe "[%SYSTEM%]\ziluyuda.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {005e58e0-40af-43ae-a7d3-0e94280d74ae}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, boyezevop={005e58e0-40af-43ae-a7d3-0e94280d74ae}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, piyivanem=Rundll32.exe "[%SYSTEM%]\migirega.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {897a5273-9a09-44df-9be9-a8b3fb9178d2}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, reruniguz={897a5273-9a09-44df-9be9-a8b3fb9178d2}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uruzeni=rundll32.exe "[%WINDOWS%]\utagerud.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wedogijim=Rundll32.exe "[%SYSTEM%]\nifolije.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e4169e9b-da28-4c7f-b61c-416aa0c76b3a}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, desimiruj={e4169e9b-da28-4c7f-b61c-416aa0c76b3a}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pariwugaz=Rundll32.exe "[%SYSTEM%]\ketedoti.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {dc409f7d-51e0-484a-980c-67791ac79d4b}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hisibonez={dc409f7d-51e0-484a-980c-67791ac79d4b}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, revehajij=Rundll32.exe "[%SYSTEM%]\zitekeho.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {6754de80-2e18-44a5-bbd6-3c44995b7746}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tusudajeh={6754de80-2e18-44a5-bbd6-3c44995b7746}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM7370c590=Rundll32.exe "[%SYSTEM%]\gmgcpcpi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jobuvavot=Rundll32.exe "[%SYSTEM%]\duhavevo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {afab2d44-190d-4b5b-93e1-c1043f91a1ef}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kimomiheg={afab2d44-190d-4b5b-93e1-c1043f91a1ef}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Krilaxozabocu=rundll32.exe "[%WINDOWS%]\ocabevaxitig.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kxalivep=rundll32.exe "[%WINDOWS%]\eqiyiqamabimon.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nwipesuzuze=rundll32.exe "[%WINDOWS%]\ijawuzoz.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, serisejeh=Rundll32.exe "[%SYSTEM%]\medilile.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a4fbad0c-abf8-4ae8-b8f4-1b00f2718560}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rokugokos={a4fbad0c-abf8-4ae8-b8f4-1b00f2718560}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, serisejeh=Rundll32.exe "[%SYSTEM%]\duredidi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8c9310be-299e-4de8-94e6-58d3499b51b0}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nazamubol={8c9310be-299e-4de8-94e6-58d3499b51b0}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8c9310be-299e-4de8-94e6-58d3499b51b0}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sesifikud={8c9310be-299e-4de8-94e6-58d3499b51b0}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8C.exe=[%SYSTEM%]\YUR8C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB51B.exe=[%SYSTEM%]\YURB51B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE52F.exe=[%SYSTEM%]\YURE52F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC9D.exe=[%SYSTEM%]\YURC9D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB46.exe=[%SYSTEM%]\YURB46.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURED4A.exe=[%SYSTEM%]\YURED4A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAED4.exe=[%SYSTEM%]\YURAED4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF008.exe=[%SYSTEM%]\YURF008.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE4B.exe=[%SYSTEM%]\YURFE4B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE82C.exe=[%SYSTEM%]\YURE82C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE2DF.exe=[%SYSTEM%]\YURE2DF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBA1A.exe=[%SYSTEM%]\YURBA1A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA.exe=[%SYSTEM%]\YURCA.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR88FD.exe=[%SYSTEM%]\YUR88FD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1332.exe=[%SYSTEM%]\YUR1332.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF70A.exe=[%SYSTEM%]\YURF70A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD8.exe=[%SYSTEM%]\YURAD8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9EED.exe=[%SYSTEM%]\YUR9EED.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9674.exe=[%SYSTEM%]\YUR9674.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB17.exe=[%SYSTEM%]\YURB17.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR109.exe=[%SYSTEM%]\YUR109.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR78E.exe=[%SYSTEM%]\YUR78E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCBC6.exe=[%SYSTEM%]\YURCBC6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD3E1.exe=[%SYSTEM%]\YURD3E1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCF01.exe=[%SYSTEM%]\YURCF01.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC4C4.exe=[%SYSTEM%]\YURC4C4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA208.exe=[%SYSTEM%]\YURA208.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE945.exe=[%SYSTEM%]\YURE945.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDB6.exe=[%SYSTEM%]\YURDB6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF852.exe=[%SYSTEM%]\YURF852.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR398.exe=[%SYSTEM%]\YUR398.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8DFC.exe=[%SYSTEM%]\YUR8DFC.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR711.exe=[%SYSTEM%]\YUR711.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3C15.exe=[%SYSTEM%]\YUR3C15.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD854.exe=[%SYSTEM%]\YURD854.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBCE8.exe=[%SYSTEM%]\YURBCE8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAD4E.exe=[%SYSTEM%]\YURAD4E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR25F6.exe=[%SYSTEM%]\YUR25F6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCC33.exe=[%SYSTEM%]\YURCC33.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC495.exe=[%SYSTEM%]\YURC495.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR52E.exe=[%SYSTEM%]\YUR52E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR89C7.exe=[%SYSTEM%]\YUR89C7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAFFD.exe=[%SYSTEM%]\YURAFFD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1563.exe=[%SYSTEM%]\YUR1563.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB94.exe=[%SYSTEM%]\YURB94.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR118.exe=[%SYSTEM%]\YUR118.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3590.exe=[%SYSTEM%]\YUR3590.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB47F.exe=[%SYSTEM%]\YURB47F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB624.exe=[%SYSTEM%]\YURB624.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB1F0.exe=[%SYSTEM%]\YURB1F0.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR17D3.exe=[%SYSTEM%]\YUR17D3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD6ED.exe=[%SYSTEM%]\YURD6ED.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB605.exe=[%SYSTEM%]\YURB605.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURACC2.exe=[%SYSTEM%]\YURACC2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR928E.exe=[%SYSTEM%]\YUR928E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREE15.exe=[%SYSTEM%]\YUREE15.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFAD2.exe=[%SYSTEM%]\YURFAD2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR424.exe=[%SYSTEM%]\YUR424.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF778.exe=[%SYSTEM%]\YURF778.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB3A5.exe=[%SYSTEM%]\YURB3A5.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC206.exe=[%SYSTEM%]\YURC206.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF768.exe=[%SYSTEM%]\YURF768.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBD55.exe=[%SYSTEM%]\YURBD55.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5926.exe=[%SYSTEM%]\YUR5926.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR9DD4.exe=[%SYSTEM%]\YUR9DD4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE677.exe=[%SYSTEM%]\YURE677.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB70E.exe=[%SYSTEM%]\YURB70E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB099.exe=[%SYSTEM%]\YURB099.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, DllRunning=rundll32.exe "[%SYSTEM%]\nghrgrpk.dll",setvm
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gnesidonok=rundll32.exe "[%WINDOWS%]\utequlic.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2422.exe=[%SYSTEM%]\YUR2422.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1489.exe=[%SYSTEM%]\YUR1489.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR68A1.exe=[%SYSTEM%]\YUR68A1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5466.exe=[%SYSTEM%]\YUR5466.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5408.exe=[%SYSTEM%]\YUR5408.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDA6.exe=[%SYSTEM%]\YURDA6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8D6.exe=[%SYSTEM%]\YUR8D6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFC38.exe=[%SYSTEM%]\YURFC38.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR666.exe=[%SYSTEM%]\YUR666.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD291.exe=[%SYSTEM%]\YURD291.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCE4D.exe=[%SYSTEM%]\YURCE4D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBE56.exe=[%SYSTEM%]\YURBE56.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBDF9.exe=[%SYSTEM%]\YURBDF9.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8AFF.exe=[%SYSTEM%]\YUR8AFF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8D6F.exe=[%SYSTEM%]\YUR8D6F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5FDD.exe=[%SYSTEM%]\YUR5FDD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5EF3.exe=[%SYSTEM%]\YUR5EF3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5ED4.exe=[%SYSTEM%]\YUR5ED4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5EB5.exe=[%SYSTEM%]\YUR5EB5.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18C1.exe=[%SYSTEM%]\YUR18C1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15D5.exe=[%SYSTEM%]\YUR15D5.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD2D.exe=[%SYSTEM%]\YURD2D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR985.exe=[%SYSTEM%]\YUR985.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4B1.exe=[%SYSTEM%]\YUR4B1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR21A3.exe=[%SYSTEM%]\YUR21A3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE7A.exe=[%SYSTEM%]\YURFE7A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFD51.exe=[%SYSTEM%]\YURFD51.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB930.exe=[%SYSTEM%]\YURB930.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB7C9.exe=[%SYSTEM%]\YURB7C9.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE281.exe=[%SYSTEM%]\YURE281.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDCB7.exe=[%SYSTEM%]\YURDCB7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDB9E.exe=[%SYSTEM%]\YURDB9E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC35D.exe=[%SYSTEM%]\YURC35D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD538.exe=[%SYSTEM%]\YURD538.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF797.exe=[%SYSTEM%]\YURF797.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF6EB.exe=[%SYSTEM%]\YURF6EB.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6F2.exe=[%SYSTEM%]\YUR6F2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3265.exe=[%SYSTEM%]\YUR3265.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1EF4.exe=[%SYSTEM%]\YUR1EF4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAE8.exe=[%SYSTEM%]\YURAE8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF20B.exe=[%SYSTEM%]\YURF20B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURF1EC.exe=[%SYSTEM%]\YURF1EC.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFCF4.exe=[%SYSTEM%]\YURFCF4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2470.exe=[%SYSTEM%]\YUR2470.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1FCF.exe=[%SYSTEM%]\YUR1FCF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR82A.exe=[%SYSTEM%]\YUR82A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFF64.exe=[%SYSTEM%]\YURFF64.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jigebeheh=Rundll32.exe "[%SYSTEM%]\lilofati.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0cfc5955-918c-43d2-8378-8df9aa7cc7c1}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dasafasut={0cfc5955-918c-43d2-8378-8df9aa7cc7c1}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sapuniyaw=Rundll32.exe "[%SYSTEM%]\kebajupa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zulufazoya=Rundll32.exe "vikodope.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f170e7bf-0074-4af2-8ef6-97cc2805375a}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fufaweduy={f170e7bf-0074-4af2-8ef6-97cc2805375a}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\nehamubu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4865bdc3-33fe-4656-a5a6-e958ae0e259a}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, getidomoh={4865bdc3-33fe-4656-a5a6-e958ae0e259a}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, piyivanem=Rundll32.exe "[%SYSTEM%]\gehufidu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5ee93263-617c-4e97-9771-3d67318e2439}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yadonizag={5ee93263-617c-4e97-9771-3d67318e2439}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, suworelis=Rundll32.exe "[%SYSTEM%]\latadeti.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8332941e-f1de-444f-a303-970d853629e4}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jidogibem={8332941e-f1de-444f-a303-970d853629e4}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bemubolan=Rundll32.exe "[%SYSTEM%]\tilohega.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {42005038-018b-48f9-b4fa-cbdefca0dc04}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, komuledek={42005038-018b-48f9-b4fa-cbdefca0dc04}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Aqavebev=rundll32.exe "[%WINDOWS%]\uvilixib.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pudorepas=Rundll32.exe "[%SYSTEM%]\mivimoru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {b5db765e-4f0f-426f-bcbb-946f56847879}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tuhinekaf={b5db765e-4f0f-426f-bcbb-946f56847879}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bodetotor=Rundll32.exe "[%SYSTEM%]\bugagoku.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {11241072-58bb-40ce-9171-0b2bdfb22e97}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {94bc3d1d-22e9-4744-8ed1-3e08a3b74078}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wedogijim=Rundll32.exe "[%SYSTEM%]\gudaruma.dll",a
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gamadelere=Rundll32.exe "[%SYSTEM%]\raferafo.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gamadelere=Rundll32.exe "[%SYSTEM%]\raferafo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Htamupekamosa=rundll32.exe "[%WINDOWS%]\acayudikug.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 30a8db89=rundll32.exe "[%SYSTEM%]\xtaebafp.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rirawapola=Rundll32.exe "[%SYSTEM%]\noyutumi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ihana=rundll32.exe "[%WINDOWS%]\exagiceyiqamabim.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\tikitizo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, degejibaf=Rundll32.exe "[%SYSTEM%]\nizefipu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nebahevek=Rundll32.exe "[%SYSTEM%]\nizefipu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {13cfa7a8-a2e1-4983-a749-17da327dea93}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, mezofewoz={13cfa7a8-a2e1-4983-a749-17da327dea93}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ferufuvap=Rundll32.exe "[%SYSTEM%]\zifobubo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {b4270ca4-7bc4-45b4-8805-594d88582a6f}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, posabobas={b4270ca4-7bc4-45b4-8805-594d88582a6f}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mowekokub=Rundll32.exe "[%SYSTEM%]\finetesu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wehofahuze=Rundll32.exe "hezigotu.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d8202111-f8d0-4ee4-a548-51bd0ccd47e0}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vakizatur={d8202111-f8d0-4ee4-a548-51bd0ccd47e0}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, luwijiyaw=Rundll32.exe "[%SYSTEM%]\jemukuwo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3318b32f-5533-4729-968f-d5d89d01f027}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, barazogor={3318b32f-5533-4729-968f-d5d89d01f027}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F64401.exe=[%PROFILE_TEMP%]\_A00F64401.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mguxugug=rundll32.exe "[%WINDOWS%]\anafewoqan.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dagakohik=Rundll32.exe "[%SYSTEM%]\pifeyuru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9ffee8a7-5997-42fe-9410-91ae08fbbe89}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rufosunef={9ffee8a7-5997-42fe-9410-91ae08fbbe89}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jobuvavot=Rundll32.exe "[%SYSTEM%]\nivunaso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c970bb38-c0d9-4eb2-83a2-1cb06a20f174}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hisoludof={c970bb38-c0d9-4eb2-83a2-1cb06a20f174}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dahudadav=Rundll32.exe "[%COMMON_APPDATA%]\hafasego\hafasego.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {03656842-f3ec-4cf8-bdf1-1dfaf7e11fd0}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nevodojer={03656842-f3ec-4cf8-bdf1-1dfaf7e11fd0}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs= nwzolt.dll [%SYSTEM%]\fabisike.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lamoyeheyi=Rundll32.exe "[%SYSTEM%]\buyoyena.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, Windows Printing Driver=WinSpooler.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run, WinUpdating=WinUpdating.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {01c4561f-8c45-4f0d-94d8-2fa90a19e87a}=
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, padiyuyihi=Rundll32.exe "[%SYSTEM%]\wakepule.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, padiyuyihi=Rundll32.exe "[%SYSTEM%]\wakepule.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vudotupej=Rundll32.exe "[%SYSTEM%]\pigokado.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pofonedoro=Rundll32.exe "gomegana.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kmite=rundll32.exe "[%WINDOWS%]\esanoduse.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kazozedub=Rundll32.exe "[%SYSTEM%]\tibarozo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {13d8db4c-4950-4959-8850-3b6a5568ee16}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, silimukig={13d8db4c-4950-4959-8850-3b6a5568ee16}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, niheduyuk=Rundll32.exe "[%SYSTEM%]\fenobeko.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Whupupey=rundll32.exe "[%WINDOWS%]\apefideluj.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yigukanoy=Rundll32.exe "[%SYSTEM%]\fegezika.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3a3c3e2b-6e57-4d95-b890-95ad7348e12f}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dovavojor={3a3c3e2b-6e57-4d95-b890-95ad7348e12f}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F120B0358.exe=[%PROFILE_TEMP%]\_A00F120B0358.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lirekusik=Rundll32.exe "[%SYSTEM%]\yoyamama.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {54cdae74-e501-4baf-a373-2fa11411bfa5}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, safobosen={54cdae74-e501-4baf-a373-2fa11411bfa5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\siguzuwi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e8987a9c-4068-4007-a3a9-7516700d6263}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sujolelan={e8987a9c-4068-4007-a3a9-7516700d6263}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\yezamase.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {556cb4a7-0f5b-4901-8896-3004911c8986}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wihuyapah={556cb4a7-0f5b-4901-8896-3004911c8986}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {98eb3324-1a08-4a43-8b11-57bcba757a20}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yasakotod={98eb3324-1a08-4a43-8b11-57bcba757a20}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, niligakeb=Rundll32.exe "[%SYSTEM%]\yubihimo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8fe25aa1-3df7-4948-8770-fccf27737568}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nigugazuf={8fe25aa1-3df7-4948-8770-fccf27737568}
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jibejidimi=Rundll32.exe "[%SYSTEM%]\fizelugo.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jibejidimi=Rundll32.exe "[%SYSTEM%]\fizelugo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wkihidur=rundll32.exe "[%WINDOWS%]\axeroroh.dll",Startup
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F977CB3.exe=[%PROFILE_TEMP%]\_A00F977CB3.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Aguyiduce=rundll32.exe "[%WINDOWS%]\emuviqemejizu.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lnuvadodexadape=rundll32.exe "[%WINDOWS%]\Syoguraqil.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {9b904910-78a4-489d-a825-5111b883a5b2}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, haripuguya=Rundll32.exe "vuyepuka.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f38d448a-f274-4c34-b13b-a3e505e95209}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ofamo=rundll32.exe "[%WINDOWS%]\Sgolulas.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Phivifobawutile=rundll32.exe "[%WINDOWS%]\atafezipahalaf.dll",e
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,VgaVmDqcp
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cguraqegayuxox=rundll32.exe "[%WINDOWS%]\obayatup.dll",Startup
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nobotuniko=Rundll32.exe "[%SYSTEM%]\fawuruvo.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nobotuniko=Rundll32.exe "[%SYSTEM%]\fawuruvo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pzuvayotevo=rundll32.exe "[%WINDOWS%]\izudumuhifopawu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, befotafef=Rundll32.exe "[%SYSTEM%]\zukenezo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1e01682c-ebf4-42a5-a3ed-6fa0f582cf04}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fotosafaw={1e01682c-ebf4-42a5-a3ed-6fa0f582cf04}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\sonudodu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d62d1c6b-a453-4144-b99b-c95b7bd44ce9}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wewafitus={d62d1c6b-a453-4144-b99b-c95b7bd44ce9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\diveredi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7ea29f52-5ba4-44c5-b9fb-8aeb7c435de9}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, himaluwoz={7ea29f52-5ba4-44c5-b9fb-8aeb7c435de9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM93f63577=Rundll32.exe "[%SYSTEM%]\fimijole.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, velunipim=Rundll32.exe "[%SYSTEM%]\nokamido.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {bd926442-af2e-4ce3-98e9-ac4a29e096c2}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nisofijef={bd926442-af2e-4ce3-98e9-ac4a29e096c2}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ganovavor=Rundll32.exe "[%SYSTEM%]\rudajeki.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ixovufaz=rundll32.exe "[%WINDOWS%]\ecilihocimafeyut.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, suworelis=Rundll32.exe "[%SYSTEM%]\layuvedi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {698ba404-f930-4030-b245-f00150c8dd3a}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nonezuzub={698ba404-f930-4030-b245-f00150c8dd3a}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rodogavut=Rundll32.exe "[%SYSTEM%]\sidenohe.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3005e0bb-fd2c-44f1-a969-b1b577df6578}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lakomozod={3005e0bb-fd2c-44f1-a969-b1b577df6578}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2DA58.exe=[%PROFILE_TEMP%]\_A00F2DA58.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vetawugiwa="Rundll32.exe" "[%SYSTEM%]\jujujoju.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {1d0b1b2f-4d44-48dc-ae5a-f4bbbae2a83f}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {A051B1FF-8D7E-418B-AABE-4FF82F4280A2}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, riwilaguf=Rundll32.exe "[%SYSTEM%]\jitujahu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bonujopusa=Rundll32.exe "pofegohu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sujulelepu=Rundll32.exe "dogejuhu.dll",s
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FBD4EFE5.exe=[%PROFILE_TEMP%]\_A00FBD4EFE5.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {5A041F13-A111-12A4-B0CF-F99818AA68A5}=ar12A40099dll.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, Nvuvohehucu=rundll32.exe "[%WINDOWS%]\ofikanugazixo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiwq32.rom,BNEnUsrKaPZ
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yumelibini=Rundll32.exe "[%SYSTEM%]\nuzepema.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yumelibini=Rundll32.exe "[%SYSTEM%]\nuzepema.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cbosarive=rundll32.exe "[%WINDOWS%]\irobejuk.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xlatub=rundll32.exe "[%WINDOWS%]\abixopaken.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dxuji=rundll32.exe "[%WINDOWS%]\azijasuq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pumumejov=Rundll32.exe "[%SYSTEM%]\toruyuhu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pumumejov=Rundll32.exe "[%SYSTEM%]\vimoveta.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {38be963d-df73-40f9-bf11-c85866e791d2}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wiwokawem={38be963d-df73-40f9-bf11-c85866e791d2}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9a01f3c2-8eb7-4a4a-b66a-00447b613998}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, danejijab={9a01f3c2-8eb7-4a4a-b66a-00447b613998}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4341cc91-2c87-4337-be2c-85ae6e61b8df}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, retutifun={4341cc91-2c87-4337-be2c-85ae6e61b8df}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pizigipag=Rundll32.exe "[%SYSTEM%]\tajopava.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d1bc393c-a988-42ed-8f7b-cd22bdd113e1}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dogivezad={d1bc393c-a988-42ed-8f7b-cd22bdd113e1}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lirekusik=Rundll32.exe "[%SYSTEM%]\tuludave.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {94270951-2c87-455c-bd4c-c05c27b02c31}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jagayodom={94270951-2c87-455c-bd4c-c05c27b02c31}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\gajukilu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {41555521-60b9-4c7c-b66c-722078016cfb}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bufisuzen={41555521-60b9-4c7c-b66c-722078016cfb}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\muzurimo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e56089d5-899e-4caf-9c4e-e7c7e611e4f6}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nojidiwil={e56089d5-899e-4caf-9c4e-e7c7e611e4f6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xqozomebufeb=rundll32.exe "[%WINDOWS%]\elepefoqesoda.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, suteduhiw=Rundll32.exe "[%SYSTEM%]\guporobe.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5b14e97e-2571-4852-be1b-571894704e3b}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kisorinot={5b14e97e-2571-4852-be1b-571894704e3b}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bcefo=rundll32.exe "[%WINDOWS%]\equcaben.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hufepidep=Rundll32.exe "[%SYSTEM%]\dadutiwo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {765a4d07-72a8-4072-bdcd-5e7a4d6defd0}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, modamesop={765a4d07-72a8-4072-bdcd-5e7a4d6defd0}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d630c04d-d7da-4f5c-bde6-245122de519a}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, parigodit={d630c04d-d7da-4f5c-bde6-245122de519a}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9eaf4f94-ef76-431f-9289-9d778bfb66cb}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, popugupub={9eaf4f94-ef76-431f-9289-9d778bfb66cb}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lgeso=rundll32.exe "[%SYSTEM%]\config\systemprofile\AppData\Local\rouiti.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zirisekol=Rundll32.exe "[%SYSTEM%]\regizogu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {50f2927f-bdcd-495b-98c0-0af430bb8464}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lujipuweg={50f2927f-bdcd-495b-98c0-0af430bb8464}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\qoMcyVMe.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfajeruj=rundll32.exe "[%WINDOWS%]\utabinurifucipis.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, filikobiz=Rundll32.exe "[%SYSTEM%]\nuwuzeku.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {21d8ca71-2f5a-4022-ba98-3f1f6f484ff6}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, guwojenug={21d8ca71-2f5a-4022-ba98-3f1f6f484ff6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, migaguliy=Rundll32.exe "[%SYSTEM%]\yasatuji.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hyolubonera=rundll32.exe "[%WINDOWS%]\uvuzececisuwaqiq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nozejuwup=Rundll32.exe "[%SYSTEM%]\sewanedi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, taresavoba=Rundll32.exe "bilefola.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sokigiyuk=Rundll32.exe "[%SYSTEM%]\saliyono.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hapiwolari=Rundll32.exe "nasanuko.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, riferizik=Rundll32.exe "[%SYSTEM%]\gokehama.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Htuziyawe=rundll32.exe "[%WINDOWS%]\epeleluf.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nuhotovog=Rundll32.exe "[%SYSTEM%]\lewadiye.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nxuwapowi=rundll32.exe "[%WINDOWS%]\ajuxofipujilil.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fc99bb0b-3a73-4304-a32a-851b72cc9f06}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {db80ff64-932a-4c4b-a502-66d1f2e9b0be}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {6aa3809c-6261-456f-8fca-43fe39adc5e9}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, tepikisiy=Rundll32.exe "[%SYSTEM%]\zuvutaru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3554e1ee-2d9f-4315-a7b7-f9fb8933eb8f}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kiporozed={3554e1ee-2d9f-4315-a7b7-f9fb8933eb8f}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werigiwaz=Rundll32.exe "[%SYSTEM%]\higudivo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d27c8240-1a1a-40da-9bd3-556ccafbbb54}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zobafozih={d27c8240-1a1a-40da-9bd3-556ccafbbb54}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hugokebuf=Rundll32.exe "[%SYSTEM%]\nawowami.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {08abb407-6c30-4940-a87c-2f45adfa34ad}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, mowivamum={08abb407-6c30-4940-a87c-2f45adfa34ad}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, werojeyew=Rundll32.exe "[%SYSTEM%]\hovolile.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bolitobif=Rundll32.exe "[%SYSTEM%]\jisaleyu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {403908f4-2663-434e-b63d-9b7d2dcf3351}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tavanasag={403908f4-2663-434e-b63d-9b7d2dcf3351}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vayubejob=Rundll32.exe "[%SYSTEM%]\nazehogi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c74dd340-9bdf-4ca9-87a5-71b60eb91acd}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sipezikez={c74dd340-9bdf-4ca9-87a5-71b60eb91acd}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\cbXNeDur.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rokuviyan=Rundll32.exe "[%SYSTEM%]\nehozipa.dll",a
Scan your system registry for FREE
Comments
