Top 10 Alerts
Latest 10 Malware Files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1E974C.exe=[%PROFILE_TEMP%]\_A00F1E974C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F222209.exe=[%PROFILE_TEMP%]\_A00F222209.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FAA5E4.exe=[%PROFILE_TEMP%]\_A00FAA5E4.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F47982.exe=[%PROFILE_TEMP%]\_A00F47982.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F619A5.exe=[%PROFILE_TEMP%]\_A00F619A5.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F733FE.exe=[%PROFILE_TEMP%]\_A00F733FE.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FD6504.exe=[%PROFILE_TEMP%]\_A00FD6504.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F190546.exe=[%PROFILE_TEMP%]\_A00F190546.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F41B54.exe=[%PROFILE_TEMP%]\_A00F41B54.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FD8751.exe=[%PROFILE_TEMP%]\_A00FD8751.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F76F42.exe=[%PROFILE_TEMP%]\_A00F76F42.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F92D8C.exe=[%PROFILE_TEMP%]\_A00F92D8C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FBA746.exe=[%PROFILE_TEMP%]\_A00FBA746.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F7AFD5.exe=[%PROFILE_TEMP%]\_A00F7AFD5.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F7E55C.exe=[%PROFILE_TEMP%]\_A00F7E55C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F14E984.exe=[%PROFILE_TEMP%]\_A00F14E984.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F54E08.exe=[%PROFILE_TEMP%]\_A00F54E08.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4A082.exe=[%PROFILE_TEMP%]\_A00F4A082.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4184C4.exe=[%PROFILE_TEMP%]\_A00F4184C4.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F75590.exe=[%PROFILE_TEMP%]\_A00F75590.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FA1CCE.exe=[%PROFILE_TEMP%]\_A00FA1CCE.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F96DD1.exe=[%PROFILE_TEMP%]\_A00F96DD1.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F685BD.exe=[%PROFILE_TEMP%]\_A00F685BD.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1337BD.exe=[%PROFILE_TEMP%]\_A00F1337BD.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F112CBA.exe=[%PROFILE_TEMP%]\_A00F112CBA.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3807C.exe=[%PROFILE_TEMP%]\_A00F3807C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2E18D7.exe=[%PROFILE_TEMP%]\_A00F2E18D7.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F263465.exe=[%PROFILE_TEMP%]\_A00F263465.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F63923.exe=[%PROFILE_TEMP%]\_A00F63923.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F49D27.exe=[%PROFILE_TEMP%]\_A00F49D27.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FFB879.exe=[%PROFILE_TEMP%]\_A00FFB879.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F13BC3F.exe=[%PROFILE_TEMP%]\_A00F13BC3F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3E224.exe=[%PROFILE_TEMP%]\_A00F3E224.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1AED30.exe=[%PROFILE_TEMP%]\_A00F1AED30.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2B873F.exe=[%PROFILE_TEMP%]\_A00F2B873F.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F46C33.exe=[%PROFILE_TEMP%]\_A00F46C33.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3660E.exe=[%PROFILE_TEMP%]\_A00F3660E.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8E558.exe=[%PROFILE_TEMP%]\_A00F8E558.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F8FD35.exe=[%PROFILE_TEMP%]\_A00F8FD35.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4F0A8E.exe=[%PROFILE_TEMP%]\_A00F4F0A8E.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1F1575.exe=[%PROFILE_TEMP%]\_A00F1F1575.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F157662.exe=[%PROFILE_TEMP%]\_A00F157662.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F49C10A.exe=[%PROFILE_TEMP%]\_A00F49C10A.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F703E50.exe=[%PROFILE_TEMP%]\_A00F703E50.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FBF094.exe=[%PROFILE_TEMP%]\_A00FBF094.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3D3CD1.exe=[%PROFILE_TEMP%]\_A00F3D3CD1.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F77D3C.exe=[%PROFILE_TEMP%]\_A00F77D3C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3E715.exe=[%PROFILE_TEMP%]\_A00F3E715.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F338C88.exe=[%PROFILE_TEMP%]\_A00F338C88.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F12AED6.exe=[%PROFILE_TEMP%]\_A00F12AED6.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F94B36.exe=[%PROFILE_TEMP%]\_A00F94B36.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F3E60C.exe=[%PROFILE_TEMP%]\_A00F3E60C.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F6C035.exe=[%PROFILE_TEMP%]\_A00F6C035.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FF3E86.exe=[%PROFILE_TEMP%]\_A00FF3E86.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F1257FB.exe=[%PROFILE_TEMP%]\_A00F1257FB.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F17BC4B.exe=[%PROFILE_TEMP%]\_A00F17BC4B.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F4A5DE7.exe=[%PROFILE_TEMP%]\_A00F4A5DE7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cladahu=rundll32.exe "[%WINDOWS%]\kC71CSCA.dll",Startup
- HKEY_USERS\S-1-5-21-2172520189-2803138257-3333445419-1025\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cladahu=rundll32.exe "[%WINDOWS%]\kC71CSCA.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rsupelaguzeyaweb=rundll32.exe "[%WINDOWS%]\ahocanuv.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jzohup=rundll32.exe "[%LOCAL_APPDATA%]\egasuzuz.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xsasewi=rundll32.exe "[%LOCAL_APPDATA%]\ibakejupe.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {713a7346-6ee8-4c5c-bd80-d9bbf6786012}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Nrebomalo=rundll32.exe "[%LOCAL_APPDATA%]\oquqaxalaza.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Adohutomobunito=rundll32.exe "[%LOCAL_APPDATA%]\clpleal.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kvozes=rundll32.exe "[%LOCAL_APPDATA%]\oxikomem.dll",Startup
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ssrqrrsys=rundll32.exe "bywvtr.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ssrqrrsys=rundll32.exe "bywvtr.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Opipatuzar=rundll32.exe "[%WINDOWS%]\arujiguc.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gzutajasuqeboq=rundll32.exe "[%WINDOWS%]\umulaxufosi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winssh32.rom,RoYPNFBxw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfqj32.rom,MARVLSC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpqt32.rom,EUgnqnNOj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pkunatode=rundll32.exe "[%WINDOWS%]\idikavupilidar.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mmihonaxehizaji=rundll32.exe "[%WINDOWS%]\opahejonuqucadot.dll",Startup
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dqanodurexu=rundll32.exe "[%WINDOWS%]\petexp.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winees32.rom,kGzeGWLcfHpI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpnq32.rom,SpXapbF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhwb32.rom,eGVzgEW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineww32.rom,UqahEmC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyxe32.rom,KfxhcVAftAtL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrjr32.rom,AERvIuARsvhA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Izasediq=rundll32.exe "[%WINDOWS%]\ocabanov.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Onuhufaxawir=rundll32.exe "[%LOCAL_APPDATA%]\idusoyaqoxisi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Imacux=rundll32.exe "[%LOCAL_APPDATA%]\uniqoref.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM0b4d4c6d=Rundll32.exe "[%SYSTEM%]\rayeboke.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 087e7ff1=rundll32.exe "[%SYSTEM%]\kovabova.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fejuvalaru=Rundll32.exe "[%SYSTEM%]\wahewozi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapr32.rom,jCpelwsCik
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwcu32.rom,TAOHcUQCZtl
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfuqarikomemapi=rundll32.exe "[%LOCAL_APPDATA%]\icegapoj.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xjidojihumevixi=rundll32.exe "[%WINDOWS%]\eremesumiwumezi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mkoloxado=rundll32.exe "[%LOCAL_APPDATA%]\adabugidixen.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rpizicabenuwiq=rundll32.exe "[%WINDOWS%]\iyeyuwamoxob.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineys32.rom,ljWDYftBiCaN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winswo32.rom,oSQpSfRW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhes32.rom,HRSrCRQv
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fedatavok=Rundll32.exe "[%SYSTEM%]\wugeruti.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Whuhitad=rundll32.exe "[%WINDOWS%]\ejufaney.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,dNOGUZiLbKSD
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingkc32.rom,KmzVqvQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uxolakenakohodo=rundll32.exe "[%LOCAL_APPDATA%]\agebicog.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mwogijokiqova=rundll32.exe "[%WINDOWS%]\owiculenela.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrta32.rom,oqfXAotpjNzZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhdk32.rom,jkXgtj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dcuwimifix=rundll32.exe "[%WINDOWS%]\onecufoti.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ltebunagecaguh=rundll32.exe "[%LOCAL_APPDATA%]\elamatoyaq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvna32.rom,rKiKbKZvM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintvo32.rom,WvkPmuo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrnp32.rom,mWlJwwxOA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Egasi=rundll32.exe "[%LOCAL_APPDATA%]\ojocakih.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jbazubucamoti=rundll32.exe "[%WINDOWS%]\albmpli.dll",Startup
- HKEY_USERS\S-1-5-21-514087121-287684499-2548846814-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jbazubucamoti=rundll32.exe "[%WINDOWS%]\albmpli.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwcu32.rom,SjsUjdiFs
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqyu32.rom,JNoaJLTQO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzyt32.rom,mxJcLCzAksi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnbw32.rom,BVOSQr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsax32.rom,LKwKTnKCI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfuqarikomemapi=rundll32.exe "[%LOCAL_APPDATA%]\afihemofivutamu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winaco32.rom,INdMTbvw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khebxvsys=rundll32.exe "bywtqr.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Jcadare=rundll32.exe "[%WINDOWS%]\ineteqariwi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Khutudo=rundll32.exe "[%WINDOWS%]\awudixenibekepem.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ayice=rundll32.exe "[%WINDOWS%]\rapipn.dll",Startup
- HKEY_USERS\S-1-5-21-3464217689-1272090529-3925698974-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ayice=rundll32.exe "[%WINDOWS%]\rapipn.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {DC192567-65F9-4AB6-ADB7-E13575F81726}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkzh32.rom,YxweBJ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rfuqarikomemapi=rundll32.exe "[%LOCAL_APPDATA%]\akihugil.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnaj32.rom,hGwrLYNQs
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xjobay=rundll32.exe "[%WINDOWS%]\egujanecatevih.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winckn32.rom,MDpUMweR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineii32.rom,WXQRmBOF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ekaqubohojafabi=rundll32.exe "[%LOCAL_APPDATA%]\amugibav.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsoqabexob=rundll32.exe "[%WINDOWS%]\efojivuluyetof.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqyu32.rom,clpWGR
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yqogazijulucas=rundll32.exe "[%WINDOWS%]\apucimayobiquyep.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ykugesabe=rundll32.exe "[%WINDOWS%]\enojocif.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tniyaxi=rundll32.exe "[%WINDOWS%]\exozumah.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ipupelayotev=rundll32.exe "[%LOCAL_APPDATA%]\izaxonug.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqre32.rom,yMDqyiHjMxr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwpr32.rom,vPbpYFvrN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Skemucefuhelico=rundll32.exe "[%WINDOWS%]\ufezaxeqeta.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintvo32.rom,fNeVDRvAcDri
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vzaqe=rundll32.exe "[%LOCAL_APPDATA%]\abubeqovu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuiw32.rom,psddYlqzA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eqoratoyaqo=rundll32.exe "[%LOCAL_APPDATA%]\enuludos.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cnavopuv=rundll32.exe "[%LOCAL_APPDATA%]\akaxaboko.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, neyenumeli=Rundll32.exe "[%SYSTEM%]\gipunowe.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, neyenumeli=Rundll32.exe "[%SYSTEM%]\gipunowe.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gzejamujoyex=rundll32.exe "[%LOCAL_APPDATA%]\KBDatoex.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dfapotuqolezib=rundll32.exe "[%LOCAL_APPDATA%]\aquzeleq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqre32.rom,wnrhoc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincir32.rom,CVnFxAuEyu
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsoqabexob=rundll32.exe "[%WINDOWS%]\uhagokidonotudok.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {aced1c9f-2718-4512-9f69-f4e28c1f484f}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Itidum=rundll32.exe "[%WINDOWS%]\ukimowapupiy.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlku32.rom,UjIuqDXnHBk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfqj32.rom,DPLArgomjCBX
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gsewa=rundll32.exe "[%WINDOWS%]\onixesabe.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winulo32.rom,ChtYafgYEPj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run, Cgecebazobifuyiw=rundll32.exe "[%WINDOWS%]\wmsrex.dll",Startup
- HKEY_USERS\S-1-5-21-1674474272-1757353255-3474320687-1130\SOFTWARE\Microsoft\Windows\CurrentVersion\run, Cgecebazobifuyiw=rundll32.exe "[%WINDOWS%]\wmsrex.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bdoxaradew=rundll32.exe "[%WINDOWS%]\uhipizulufujufux.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhii32.rom,uKhkhibOI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlwq32.rom,fCBuZsv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintfn32.rom,qSsmsKZYE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Ktilaxe=rundll32.exe "[%LOCAL_APPDATA%]\eponozab.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {474C31C5-578B-4192-8562-2E474578DC27}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqnj32.rom,VvEvNkHeLPZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvageririfejel=rundll32.exe "[%WINDOWS%]\ubosikuno.dll",Startup
- HKEY_USERS\S-1-5-21-989008809-132513784-1446212845-1019\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvageririfejel=rundll32.exe "[%WINDOWS%]\ubosikuno.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Msunawetidalumih=rundll32.exe "[%WINDOWS%]\iwoqitihumenesan.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vpimejej=rundll32.exe "[%LOCAL_APPDATA%]\ihilazexizuxaw.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineww32.rom,aryFmyENuk
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Idoribot=rundll32.exe "[%WINDOWS%]\oyuzakax.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineoy32.rom,gtToTdCzHXVI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsoqabexob=rundll32.exe "[%WINDOWS%]\olefutufum.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ltebunagecaguh=rundll32.exe "[%LOCAL_APPDATA%]\agitiqaquheti.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bkowu=rundll32.exe "[%WINDOWS%]\aticuhayaticu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrmj32.rom,eonLdA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,VjMWmnhjyE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsoqabexob=rundll32.exe "[%WINDOWS%]\emuzajovanileco.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrta32.rom,UwOzLJVsc
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cbimixuqotol=rundll32.exe "[%WINDOWS%]\adivukub.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugx32.rom,JorQbq
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlta32.rom,PIAgdiiW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiue32.rom,WimoaFV
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {e908a6a7-026c-4fbe-93a9-96020beead53}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgq32.rom,qouaLvOTc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlku32.rom,bzvfXYd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingkc32.rom,hdVPHxYxM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrji32.rom,eKzMwVyCt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tbunudikugomuked=rundll32.exe "[%WINDOWS%]\anifaveleri.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sqopugug=rundll32.exe "[%LOCAL_APPDATA%]\iyamutok.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiqd32.rom,zEWhPEqG
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvageririfejel=rundll32.exe "[%WINDOWS%]\ubosikuno.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tkega=rundll32.exe "[%LOCAL_APPDATA%]\umohaqevemi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxpa32.rom,tDtHEPQFJf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwss32.rom,DPLArgomjCBX
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pxisiyes=rundll32.exe "[%WINDOWS%]\otoqudolema.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfovomixefenoy=rundll32.exe "[%WINDOWS%]\onujuxug.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Thidi=rundll32.exe "[%WINDOWS%]\ivenucij.dll",Startup
- HKEY_USERS\S-1-5-21-1715567821-2146947141-725345543-501\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Thidi=rundll32.exe "[%WINDOWS%]\ivenucij.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {cf55dd2e-1e2c-44f7-8514-a94864ac2990}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {d7f9df29-7a42-4910-9481-b8838cfdd266}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Exazinodusexuyod=rundll32.exe "[%LOCAL_APPDATA%]\hoertart.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jbizufolifas=rundll32.exe "[%WINDOWS%]\ameponaduqiruh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfcb32.rom,RCoOdks
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nsenozabulamuf=rundll32.exe "[%WINDOWS%]\exilorom.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cqenigegopepubit=rundll32.exe "[%LOCAL_APPDATA%]\okobiber.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ukaveco=rundll32.exe "[%LOCAL_APPDATA%]\ixatabej.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwvy32.rom,cZrEWwPlHo
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\fofufenu.dll,[%SYSTEM%]\pofetemo.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxkg32.rom,JGAmqU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bfayulipizulu=rundll32.exe "[%LOCAL_APPDATA%]\acewidumuhifopa.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {00DBDAC8-4691-4797-8E6A-7C6AB89BC441}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar, {74dd705d-6834-439c-a735-a6dbe2677452}=00
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Twira=rundll32.exe "[%LOCAL_APPDATA%]\igahegucobojeb.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gsebexi=rundll32.exe "[%LOCAL_APPDATA%]\kbcecs16.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sheveviguluse=rundll32.exe "[%WINDOWS%]\ehajihaf.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzpm32.rom,IspeQMjducr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwgk32.rom,pndYCzEFkwJB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwujitemekoku=rundll32.exe "[%LOCAL_APPDATA%]\enenerulatoqez.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winith32.rom,XkwebtVrHJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ufezibumerujom=rundll32.exe "[%LOCAL_APPDATA%]\ateficawaju.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ppudojiy=rundll32.exe "[%WINDOWS%]\ozuvolub.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Twira=rundll32.exe "[%LOCAL_APPDATA%]\igahegucobojeb.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhdk32.rom,CAMDpWsOAIO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winevl32.rom,ZABtVsJpwX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqzb32.rom,iPJySobaDYyS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winopy32.rom,dnCgiKQIAdj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigi32.rom,KRtDNEHuTlbs
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhwb32.rom,qDMIkBQbWWUE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, efddbaaudio=rundll32.exe "qommmm.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmlmmjaudio=rundll32.exe "qommmm.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, efcaaxsys=rundll32.exe "urpnnl.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khighhsys=rundll32.exe "urpnnl.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khighhsys=rundll32.exe "urpnnl.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljkhggaudio=rundll32.exe "ssttrs.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, iihghgaudio=rundll32.exe "rqppqo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljiijkaudio=rundll32.exe "iifffg.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljgefcaudio=rundll32.exe "ssttrs.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cbxxuraudio=rundll32.exe "dddcba.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mlmkkjaudio=rundll32.exe "dddcba.dll",s
- HKEY_USERS\S-1-5-21-1390067357-789336058-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vtrrsqaudio=rundll32.exe "pmkkhf.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vtrrsqaudio=rundll32.exe "pmkkhf.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fccbyvaudio=rundll32.exe "pmkkhf.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hggddaaudio=rundll32.exe "pmkkhf.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gedcddsys=rundll32.exe "urpnnl.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hggddaaudio=rundll32.exe "pmkkhf.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gedcddsys=rundll32.exe "urpnnl.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsfe32.rom,BexQhmyl
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ldomoqihojis=rundll32.exe "[%WINDOWS%]\atirovom.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pxayubub=rundll32.exe "[%LOCAL_APPDATA%]\iyaferos.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuvz32.rom,hOObne
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gxuyiwake=rundll32.exe "[%LOCAL_APPDATA%]\uvusulejacoyusi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winauj32.rom,MflPTKWG
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuji32.rom,caxhijaJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dwahotuketo=rundll32.exe "[%LOCAL_APPDATA%]\umejonatuqicace.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrdz32.rom,twmXQhftAM
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsoqabexob=rundll32.exe "[%WINDOWS%]\iniwoyuliwol.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Thidi=rundll32.exe "[%WINDOWS%]\uwolipizulufujuf.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvuw32.rom,ftozSBcz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuvz32.rom,tTYncGJeI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yjeyajasuqeboqut=rundll32.exe "[%WINDOWS%]\alulineter.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqcc32.rom,VsWuWd
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nowukadopi=Rundll32.exe "zobudome.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nowukadopi=Rundll32.exe "zobudome.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nowukadopi=Rundll32.exe "zobudome.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winldd32.rom,ttJVCAj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gzurasowovon=rundll32.exe "[%LOCAL_APPDATA%]\eforiveh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Djeseyeyog=rundll32.exe "[%LOCAL_APPDATA%]\KBDPle.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingas32.rom,ODsgrafwUdHA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gjifubaderotegi=rundll32.exe "[%WINDOWS%]\iganitesuzup.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Htuqa=rundll32.exe "[%LOCAL_APPDATA%]\osacilucip.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Onahaponam=rundll32.exe "[%LOCAL_APPDATA%]\ojisuwaq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Oguyerevafid=rundll32.exe "[%LOCAL_APPDATA%]\iqigejopevogani.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Oguyerevafid=rundll32.exe "[%LOCAL_APPDATA%]\iqigejopevogani.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwax32.rom,yhqAsSIlIaH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjsf32.rom,ZABtVsJpwX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvyn32.rom,NpFtIhaZO
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kjudugavopi=rundll32.exe "[%WINDOWS%]\afeyalog.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {68a91f35-47db-44d7-9d28-e67984e6dd79}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwiz32.rom,wmPvQhSBceI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cjedojebuqag=rundll32.exe "[%WINDOWS%]\ivigigududibot.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrom32.rom,kyOEbVUNL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sbofiqohuwudehi=rundll32.exe "[%WINDOWS%]\msclaxl.dll",Startup
- HKEY_USERS\S-1-5-21-2915651634-2076467117-3735499733-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sbofiqohuwudehi=rundll32.exe "[%WINDOWS%]\msclaxl.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winina32.rom,dkbaYJAf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbjd32.rom,CEpReXfnXjA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pzirofusoca=rundll32.exe "[%WINDOWS%]\edupoheb.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintlw32.rom,mlMZDDtta
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ylobibazuk=rundll32.exe "[%WINDOWS%]\aduwapup.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfgz32.rom,eleNeWCyIbu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,NiZLWOA
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ikelonerava=rundll32.exe "[%WINDOWS%]\irojeroyoka.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Skemucefuhelico=rundll32.exe "[%WINDOWS%]\everuwuyana.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjmo32.rom,qHTMRQX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhwn32.rom,cXFcxQOxV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Odiqehobiqobac=rundll32.exe "[%LOCAL_APPDATA%]\ugixitivumejabi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugx32.rom,jfnKbCWlXSOY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qtinopevog=rundll32.exe "[%LOCAL_APPDATA%]\ahevubeq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ekijuvuwoxutapim=rundll32.exe "[%LOCAL_APPDATA%]\sjervt.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, geefdeaudio=rundll32.exe "hggeee.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, urppoosys=rundll32.exe "byvwxv.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Afobos=rundll32.exe "[%LOCAL_APPDATA%]\ukacejoxodokake.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ldovi=rundll32.exe "[%LOCAL_APPDATA%]\ukanokecikotad.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winggf32.rom,gLrFXoj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbyq32.rom,ZEnsVrCWGQ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gjifubaderotegi=rundll32.exe "[%WINDOWS%]\ixudowubucu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineci32.rom,YLYNoZewHpe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlta32.rom,IcNfQAFIozTH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjmo32.rom,juiktmr
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jvamopego=rundll32.exe "[%WINDOWS%]\axisijihafewoq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnfi32.rom,gfrjhWNvttVT
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dcb45ad6=rundll32.exe "[%SYSTEM%]\lhiaoxmn.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windnb32.rom,SjOCaFjsRso
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wsanoni=rundll32.exe "[%WINDOWS%]\adiraxonugidel.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wsanoni=rundll32.exe "[%WINDOWS%]\adiraxonugidel.dll",Startup
- HKEY_USERS\S-1-5-21-799574871-3404044805-1977614485-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wsanoni=rundll32.exe "[%WINDOWS%]\adiraxonugidel.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bmoxerujo=rundll32.exe "[%WINDOWS%]\asuxawirozil.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ltebunagecaguh=rundll32.exe "[%LOCAL_APPDATA%]\iyupogaxeyu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uturoweraxij=rundll32.exe "[%WINDOWS%]\uciwixorigeg.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hemihemore=Rundll32.exe "[%SYSTEM%]\wefifeno.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hemihemore=Rundll32.exe "[%SYSTEM%]\wefifeno.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cbxxyvaudio=rundll32.exe "urpmjj.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, xxxxwwaudio=rundll32.exe "urpmjj.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnkkhgsys=rundll32.exe "xxvvuv.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, awttqpsys=rundll32.exe "xxvvuv.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, awttqpsys=rundll32.exe "xxvvuv.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zetuhayifi=Rundll32.exe "[%SYSTEM%]\yurahovo.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zetuhayifi=Rundll32.exe "[%SYSTEM%]\yurahovo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ihudub=rundll32.exe "[%LOCAL_APPDATA%]\eseriqowaqi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wvulabokogikewej=rundll32.exe "[%LOCAL_APPDATA%]\CExylg.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR186.exe=[%SYSTEM%]\YUR186.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR179.exe=[%SYSTEM%]\YUR179.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR17E.exe=[%SYSTEM%]\YUR17E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR17B.exe=[%SYSTEM%]\YUR17B.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR187.exe=[%SYSTEM%]\YUR187.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {182c7ed7-e56d-4509-9d9b-ac49318d9895}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kmacegigudu=rundll32.exe "[%WINDOWS%]\ojubuzogazin.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pkacerecom=rundll32.exe "[%WINDOWS%]\ayifenoyivoq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMc3f6ccea=Rundll32.exe "[%SYSTEM%]\gilopisa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c0c5ff76=rundll32.exe "[%SYSTEM%]\nokamido.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, viwanafiwe=Rundll32.exe "[%SYSTEM%]\tumibule.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, viwanafiwe=Rundll32.exe "[%SYSTEM%]\tumibule.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, viwanafiwe=Rundll32.exe "[%SYSTEM%]\tumibule.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,pKVkSiK
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rwuzuqufuna=rundll32.exe "[%LOCAL_APPDATA%]\uzuguvek.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigi32.rom,AoYohnaARh
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Opipatuzar=rundll32.exe "[%WINDOWS%]\apizomufave.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Afiheraxi=rundll32.exe "[%LOCAL_APPDATA%]\izidohug.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sguquqepiconih=rundll32.exe "[%WINDOWS%]\okafokib.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxpo32.rom,ssApjopcUF
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bretucejalafoqi=rundll32.exe "[%WINDOWS%]\ejatiholur.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 3c3bb5ab=rundll32.exe "[%SYSTEM%]\cggcxqhh.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR17A.exe=[%SYSTEM%]\YUR17A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA5D.exe=[%SYSTEM%]\YURA5D.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA5C.exe=[%SYSTEM%]\YURA5C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwiz32.rom,RMlUZzf
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ruboziravi=Rundll32.exe "[%SYSTEM%]\wavemile.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ruboziravi=Rundll32.exe "[%SYSTEM%]\wavemile.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vimuyideyo=Rundll32.exe "[%SYSTEM%]\diperede.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vimuyideyo=Rundll32.exe "[%SYSTEM%]\diperede.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuzg32.rom,pRupdvC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wmumiyozoxuje=rundll32.exe "[%LOCAL_APPDATA%]\ukulasiw.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Vmiruzitowayewe=rundll32.exe "[%LOCAL_APPDATA%]\afafiqej.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Tteganuveruqa=rundll32.exe "[%LOCAL_APPDATA%]\csebjim.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eminox=rundll32.exe "[%WINDOWS%]\erexusumocare.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ycusufo=rundll32.exe "[%LOCAL_APPDATA%]\inizanijudu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winldd32.rom,pibktzFhe
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mefojagawe=Rundll32.exe "[%SYSTEM%]\huluvavi.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mefojagawe=Rundll32.exe "[%SYSTEM%]\huluvavi.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqse32.rom,PQtAhcDhX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkcz32.rom,gYjCNlg
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {d3b3c51e-8d11-4667-85b9-0930f519bed7}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwujitemekoku=rundll32.exe "[%LOCAL_APPDATA%]\exoritucivire.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoqv32.rom,RlOvRLP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpqf32.rom,vjYvFcea
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkxs32.rom,CJTyZXX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winohf32.rom,EejpWGaf
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mdole=rundll32.exe "[%WINDOWS%]\upeniqivuxegeqe.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ysadibis=rundll32.exe "[%LOCAL_APPDATA%]\eripiser.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windhr32.rom,SChNhbo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlku32.rom,onMlqJY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfqj32.rom,iowyvGwPnpLi
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ccetixoretub=rundll32.exe "[%WINDOWS%]\ijolirik.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eyurovesebeva=rundll32.exe "[%LOCAL_APPDATA%]\ujujabivebaxiti.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ptumamumu=rundll32.exe "[%WINDOWS%]\omisaqitih.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jtorovaxe=rundll32.exe "[%LOCAL_APPDATA%]\enohujehokonip.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nmumije=rundll32.exe "[%LOCAL_APPDATA%]\wiantpig.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winggf32.rom,hJQCSNfxtwkW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqzb32.rom,QgEzWkRDE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincir32.rom,rHpPKiF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winack32.rom,ljWDYftBiCaN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuiw32.rom,foCTwkOCQaL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ppudojiy=rundll32.exe "[%WINDOWS%]\awoputuy.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windym32.rom,HQXJsjB
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {5f11d5d5-3fb2-4add-84ad-d69bc9a5d312}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {be7e4ce1-8cba-44a6-956f-462a667d3286}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Czasiwey=rundll32.exe "[%LOCAL_APPDATA%]\osasuleboduyevi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Czasiwey=rundll32.exe "[%LOCAL_APPDATA%]\osasuleboduyevi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMebf14185=Rundll32.exe "[%SYSTEM%]\fehamito.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e8c27219=rundll32.exe "[%SYSTEM%]\wimesabi.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windkm32.rom,QqOXGbSpmuvB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbgo32.rom,GcTLBgCbe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dmuzovomasivikiy=rundll32.exe "[%WINDOWS%]\exukerev.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wvtrqosys=rundll32.exe "khigge.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sstqoosys=rundll32.exe "khigge.dll",DllRegisterServer
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, xxvwtsdrv=rundll32.exe "efddab.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ssrqondrv=rundll32.exe "efddab.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ssrqondrv=rundll32.exe "efddab.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuvwttsys=rundll32.exe "khigge.dll",DllRegisterServer
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuvwttsys=rundll32.exe "khigge.dll",DllRegisterServer
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugy32.rom,WvylOnQZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmbz32.rom,oRcuQm
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiym32.rom,pshljgbflLeW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,NzFhMnF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winipx32.rom,keaDMDrekI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\vtUnkhfC.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vmifekibe=rundll32.exe "[%LOCAL_APPDATA%]\itinocopologoce.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nxuvedukicuhuho=rundll32.exe "[%WINDOWS%]\isuqesaci.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrnp32.rom,vtuBjaDnQQvb
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nbufowaqifihufeh=rundll32.exe "[%WINDOWS%]\uzohapaximibahu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ilonopituci=rundll32.exe "[%WINDOWS%]\iwifetel.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tsusukuku=rundll32.exe "[%WINDOWS%]\asuzuvov.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {8071e65a-3f56-4426-8372-8667cd213057}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, qomkkhaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, urpnonaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wvttstaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wvttstaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tdexuquxojaponad=rundll32.exe "[%WINDOWS%]\ezaludosayeroxeh.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gducihag=rundll32.exe "[%WINDOWS%]\eposuram.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winylr32.rom,YCuEQJNE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapf32.rom,DYtzyeZrXR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrwv32.rom,BgkRIBXJkL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintcm32.rom,eqUAwCsjRtjQ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Glotifexemexizod=rundll32.exe "[%WINDOWS%]\owitiwuv.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoej32.rom,GtburjtWKXo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmty32.rom,LNnEzQSbkT
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olasapi=rundll32.exe "[%WINDOWS%]\ukezibahaqeve.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintfb32.rom,MARVLSC
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wribiqaquhet=rundll32.exe "[%LOCAL_APPDATA%]\usimiwumezimimi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ghikosivo=rundll32.exe "[%WINDOWS%]\ecolebin.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gugerejoye=Rundll32.exe "[%SYSTEM%]\wiwuzoza.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gugerejoye=Rundll32.exe "[%SYSTEM%]\wiwuzoza.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlhf32.rom,lwMXmhZzwt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Obinumokekegasud=rundll32.exe "[%WINDOWS%]\uyixoqir.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winioa32.rom,sGcYWDQE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gkuzomazizufe=rundll32.exe "[%WINDOWS%]\abopubop.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllj32.rom,wcvtlCvou
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winojr32.rom,ZopjVQwvE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winohf32.rom,DUloDttFWB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxhs32.rom,fjqKaQu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnaj32.rom,eMJWngJRVvv
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ecopokil=rundll32.exe "[%WINDOWS%]\obosepef.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vtronnaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sstssqaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sstssqaudio=rundll32.exe "cbbxxu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jfoqiviyiyimevo=rundll32.exe "[%WINDOWS%]\uyojorecewekife.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbed32.rom,CxbzLpRZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winssh32.rom,lXpKReVc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hpecacaxoj=rundll32.exe "[%LOCAL_APPDATA%]\ihonorapu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {8e3fbde2-7dbd-4040-85d9-29bbc559c129}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winamv32.rom,XLEpODOFaY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lhokocozi=rundll32.exe "[%LOCAL_APPDATA%]\ikajonat.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincny32.rom,rFnUhMnZv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvukozuvovepur=rundll32.exe "[%LOCAL_APPDATA%]\ibevikikikodu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxje32.rom,cntUOC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Igene=rundll32.exe "[%LOCAL_APPDATA%]\udiyanamisuno.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Unamow=rundll32.exe "[%LOCAL_APPDATA%]\aduxikayisuki.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rqromlsys=rundll32.exe "tussqo.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jkklihsys=rundll32.exe "tussqo.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jkklihsys=rundll32.exe "tussqo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvna32.rom,ZABtVsJpwX
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yfepubeqixiwuhu=rundll32.exe "[%WINDOWS%]\ogedecod.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmjm32.rom,icVhXvNSFvF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winggf32.rom,ZAnnMofHRx
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxfp32.rom,hBwOLDoiCvG
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbiy32.rom,KGVDXCk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwss32.rom,AVZcAgohDt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkhn32.rom,znJFaHS
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvudicozi=rundll32.exe "[%WINDOWS%]\iqulohawu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjrj32.rom,UqahEmC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmjm32.rom,OfjfVTEdvh
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winssh32.rom,hXCItoUfxP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrso32.rom,YtwomiST
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gpoqexuc=rundll32.exe "[%LOCAL_APPDATA%]\efujulucasicuzo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windly32.rom,yXmCpCijS
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bcofiduce=rundll32.exe "[%WINDOWS%]\utahabuc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkhn32.rom,LdQOjHPu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvaf32.rom,IyMAeV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windhr32.rom,ddEBCZkEMce
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,bPtlmXPGbOC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dfeyegozavo=rundll32.exe "[%LOCAL_APPDATA%]\ajomemapiqiyonox.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Igene=rundll32.exe "[%LOCAL_APPDATA%]\efekecik.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windco32.rom,PkbZSGwZggdW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiot32.rom,txVoPRdAUZc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnxv32.rom,QXedXbL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvkl32.rom,lkZHQc
Scan your system registry for FREE
CURIOLAB S.M.B.A., Amagertorv 15, 2, 1160 Copenhagen K, Denmark, +45.36965533