Top 10 virus alerts
Latest 10 malware files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {113399f0-0065-4f40-bca8-f7001b46d6a8}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vijupufew={113399f0-0065-4f40-bca8-f7001b46d6a8}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, higupamojo=Rundll32.exe "luhizafa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, mepapirol=Rundll32.exe "[%SYSTEM%]\rekajawi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mepapirol=Rundll32.exe "[%SYSTEM%]\huhevita.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {75a25821-090e-406b-9eeb-8bcddebb4564}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, govapugaw={75a25821-090e-406b-9eeb-8bcddebb4564}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, iinjug=RUNDLL32.EXE [%SYSTEM%]\msilojzb.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zetuliwud=Rundll32.exe "[%SYSTEM%]\muzupera.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e907149a-65ff-43f8-8933-8721c23a6682}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rajuroyew={e907149a-65ff-43f8-8933-8721c23a6682}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\ljJAPFXO.dll,c
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, weketilef=Rundll32.exe "[%SYSTEM%]\harupeza.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jajetiveji=Rundll32.exe "puzohilo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwimaw=rundll32.exe "[%WINDOWS%]\ezomatumoyesicog.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, f0420e7b=rundll32.exe "[%SYSTEM%]\vcdfiwpy.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BMf3713de7=Rundll32.exe "[%SYSTEM%]\bokcjlrt.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bf0ca4fc-6378-4062-b546-3cde8a28b1e0}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xyuxeweki=rundll32.exe "[%WINDOWS%]\itapaguheyekiten.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSSMSGS=rundll32.exe winhlt32.rom,vAmXjLAcsgvU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kodiyokaj=Rundll32.exe "[%SYSTEM%]\regikoko.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qnibekulem=rundll32.exe "[%WINDOWS%]\ohilivih.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnuj32.rom,tpdGhLcanvV
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pzuvayotevo=rundll32.exe "[%WINDOWS%]\obabulez.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnatuhidonoke=rundll32.exe "[%WINDOWS%]\ujetobabuyutomo.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gotekerit=Rundll32.exe "[%SYSTEM%]\vihegawu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kupiyiweza=Rundll32.exe "zobayoha.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vukekirot=Rundll32.exe "[%SYSTEM%]\yikujode.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5352fb08-ce13-4cfc-a845-6cd3e1dc5218}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kagulejov={5352fb08-ce13-4cfc-a845-6cd3e1dc5218}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rayalirow=Rundll32.exe "[%SYSTEM%]\kisijegu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sudaluzora=Rundll32.exe "bakefuni.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pawinepij=Rundll32.exe "[%SYSTEM%]\vudokeye.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {365208d0-199f-4929-a7be-7602cf4b45e6}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fiwiwiyog={365208d0-199f-4929-a7be-7602cf4b45e6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {AF209DB6-29BB-4F8B-84E8-2056EA999610}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {ca4f0d8d-5f2b-4f16-838a-8d52249eab21}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a98d0065-7326-41b5-b8d9-c5b692cdb82f}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {E8DEC8EA-8D80-4ec6-AF6B-190A765F1D2F}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\tumigike\tumigike.dll",a
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F16721.exe=[%PROFILE_TEMP%]\_A00F16721.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ilobazijuluca=rundll32.exe "[%WINDOWS%]\afitafabiz.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rxecesuxid=rundll32.exe "[%WINDOWS%]\ivofanivago.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wuzayiloj=Rundll32.exe "[%SYSTEM%]\valavuja.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM8fb72cff=Rundll32.exe "[%SYSTEM%]\ftrcvhkv.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gireduzaw=Rundll32.exe "[%SYSTEM%]\bupogoli.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {801fe6be-71bb-487b-861d-e0bece6bcc5d}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lugosepah={801fe6be-71bb-487b-861d-e0bece6bcc5d}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjak32.rom,JQvLxVada
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqez32.rom,MqLwkzkSTg
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jfaserahe=rundll32.exe "[%WINDOWS%]\udifamana.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,iZioAmHRN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvanibiqorefub=rundll32.exe "[%WINDOWS%]\atinosobuzit.dll",Startup
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=evjzkg.dll,[%SYSTEM%]\mijezana.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ganojozatu=Rundll32.exe "[%SYSTEM%]\gikosiha.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Idegow=rundll32.exe "[%WINDOWS%]\ilurocohuvil.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bodomafig=Rundll32.exe "[%SYSTEM%]\buvujano.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ccPrxy.exe=ccPrxy.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {9ebf5c54-224c-48a2-bc86-a5eda9f8abf9}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tcirov=rundll32.exe "[%WINDOWS%]\ovifenifijorece.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rzugaquvacaxojux=rundll32.exe "[%WINDOWS%]\eriwareheguri.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Oliromewomewo=rundll32.exe "[%WINDOWS%]\ilizobes.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zukizedam=Rundll32.exe "[%SYSTEM%]\sibomado.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5c734ae4-bceb-428a-b592-8ecc6ca2fd94}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rusunehej={5c734ae4-bceb-428a-b592-8ecc6ca2fd94}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Anuwukukub=rundll32.exe "[%WINDOWS%]\apenocop.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ubimevedec=rundll32.exe "[%WINDOWS%]\awohipenoxokexaq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hetegukay=Rundll32.exe "[%SYSTEM%]\toyigeru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {2d06a197-8c4f-471f-a355-04f3d905f203}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zugenabab={2d06a197-8c4f-471f-a355-04f3d905f203}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gibimefod=Rundll32.exe "[%SYSTEM%]\diyahema.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1de05912-a998-48b1-be7f-0edb25a5b594}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, makinelak={1de05912-a998-48b1-be7f-0edb25a5b594}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vuhigatup=Rundll32.exe "[%SYSTEM%]\nosakopu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {58f600bc-a5b6-4f34-870e-e21e58e47e94}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, begokiwaf={58f600bc-a5b6-4f34-870e-e21e58e47e94}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yukiloyul=Rundll32.exe "[%SYSTEM%]\jigonuwa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9e119cdc-64d4-4081-a99e-583fb911442d}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sutididis={9e119cdc-64d4-4081-a99e-583fb911442d}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, huroyunuko=Rundll32.exe "gibetara.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zukizedam=Rundll32.exe "[%SYSTEM%]\nusuzefa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zukizedam=Rundll32.exe "[%SYSTEM%]\fibikavi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jenolofewu=Rundll32.exe "ditehahe.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {36fdb6dc-5237-43bc-b3e3-ab31fd356fbb}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zifopojis={36fdb6dc-5237-43bc-b3e3-ab31fd356fbb}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bwitecebepa=rundll32.exe "[%WINDOWS%]\etibihebajoganis.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kumesibak=Rundll32.exe "[%SYSTEM%]\bukohule.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1423f9b5-429c-4098-b690-01af2f5262fa}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, mutuwofiy={1423f9b5-429c-4098-b690-01af2f5262fa}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yloculipizuluf=rundll32.exe "[%WINDOWS%]\uxurihesogol.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kodiyokaj=Rundll32.exe "[%SYSTEM%]\pawehuhe.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnawo=rundll32.exe "[%WINDOWS%]\aruvuwoxutapimo.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {2c80ead3-74cd-4700-83a4-aa878cd1c03c}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {bc7d8de8-ef3d-4f44-8b54-03759fac1367}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, narenh=RUNDLL32.EXE [%SYSTEM%]\msgygnsb.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jolaridav=Rundll32.exe "[%SYSTEM%]\nunayeta.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gimawuhuy=Rundll32.exe "[%SYSTEM%]\yokamuye.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMb788e7c0=Rundll32.exe "[%SYSTEM%]\bikabufe.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4bbd45c=rundll32.exe "[%SYSTEM%]\yafutotu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, moduzogavo=Rundll32.exe "[%SYSTEM%]\kejajumo.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,kSylTYDZU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rxizif=rundll32.exe "[%WINDOWS%]\opemuyosamavabow.dll",Startup
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {214fb02a-266f-49ca-8cc8-74e29d8aa802}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, mekarijaj={214fb02a-266f-49ca-8cc8-74e29d8aa802}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mawolutuh=Rundll32.exe "[%SYSTEM%]\tugojogu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {aa6d9022-84ca-4ce4-8a62-9f885bcaa811}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fenekolem={aa6d9022-84ca-4ce4-8a62-9f885bcaa811}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, buzipewib=Rundll32.exe "[%SYSTEM%]\royomuya.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0ba617f8-fe10-4185-9bd1-ba4548c75208}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, mebayekak={0ba617f8-fe10-4185-9bd1-ba4548c75208}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfcb32.rom,oTqHYbqggsJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,JZZpHZR
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kumesibak=Rundll32.exe "[%SYSTEM%]\seyohebi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {b5d96575-af5e-4b9c-9641-8279a7959033}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rotajejuy={b5d96575-af5e-4b9c-9641-8279a7959033}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qfoqa=rundll32.exe "[%WINDOWS%]\eratehokofa.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Odepadazayujupil=rundll32.exe "[%WINDOWS%]\iwunonuc.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, donisozay=Rundll32.exe "[%SYSTEM%]\delineyo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5187187b-97eb-401a-8fcc-88c3169b9cf9}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pulirevof={5187187b-97eb-401a-8fcc-88c3169b9cf9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {b09e0f0b-28fe-4a7e-90f6-6d09e4234852}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {699bb593-b339-4939-aa8f-b166d72b1faf}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jhlaos=RUNDLL32.EXE [%SYSTEM%]\msfrzjcj.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dudumesiv=Rundll32.exe "[%SYSTEM%]\kehitulo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, unmymp=RUNDLL32.EXE [%SYSTEM%]\msaxptjk.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rscqdr=RUNDLL32.EXE [%SYSTEM%]\mssheatr.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yjiceq=rundll32.exe "[%WINDOWS%]\irumanitesuz.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rlinerul=rundll32.exe "[%WINDOWS%]\azovugiyarikom.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, mubelotuy=Rundll32.exe "[%SYSTEM%]\lunepudi.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 70f8e9fd=rundll32.exe "[%PROFILE_TEMP%]\qktwanar.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pbonadisay=rundll32.exe "[%WINDOWS%]\atupurifum.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpfi32.rom,JQvLxVada
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ryozifob=rundll32.exe "[%WINDOWS%]\ecubadisuvu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zukizedam=Rundll32.exe "[%SYSTEM%]\begajetu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqxv32.rom,NVaxfLd
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM03cb2093=Rundll32.exe "[%SYSTEM%]\hodisuto.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winina32.rom,kaisxTfBZp
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, azmqkb=RUNDLL32.EXE [%SYSTEM%]\msbkcmph.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, helohohube=Rundll32.exe "jurumoku.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {32341e7e-c319-46de-91d0-e30bb1a3caba}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {fc9f68da-8485-41aa-9ea3-fa7c639dc486}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kamupojum=Rundll32.exe "[%SYSTEM%]\kaziloku.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a3980576-a60d-485b-b982-8120f3117d37}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fofavopup={a3980576-a60d-485b-b982-8120f3117d37}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, b4c9b05a=rundll32.exe "[%SYSTEM%]\iituqtot.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMb7fa83c6=Rundll32.exe "[%SYSTEM%]\dsgvgvqo.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lxivubijaxesa=rundll32.exe "[%WINDOWS%]\omoraxon.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vwcfkn=RUNDLL32.EXE [%SYSTEM%]\mspslkux.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sofozetoz=Rundll32.exe "[%SYSTEM%]\wituloru.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpij32.rom,utKywtIdm
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, huyalolupo=Rundll32.exe "rarunuku.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkml32.rom,CxWMkiG
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uyotuhe=rundll32.exe "[%WINDOWS%]\uxupuyuqiyuk.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM973ba713=Rundll32.exe "[%SYSTEM%]\zubadira.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 9408948f=rundll32.exe "[%SYSTEM%]\wadavuro.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vorujobeyi=Rundll32.exe "[%SYSTEM%]\fonemike.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dmopubij=rundll32.exe "[%WINDOWS%]\utalokahubo.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Khuzulucas=rundll32.exe "[%WINDOWS%]\igawukaz.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run, femipiwog=Rundll32.exe "[%SYSTEM%]\kumiberu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yalisefiba=Rundll32.exe "nagomone.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yazelapiri=Rundll32.exe "[%SYSTEM%]\pegeseyi.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yazelapiri=Rundll32.exe "[%SYSTEM%]\pegeseyi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bumefegez=Rundll32.exe "[%SYSTEM%]\tiyupotu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {310266f4-6258-4d49-a1b9-ba0a8d29833a}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hidoruteb={310266f4-6258-4d49-a1b9-ba0a8d29833a}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fduguhoxajedecod=rundll32.exe "[%WINDOWS%]\aguseqovaruyuqi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwimaw=rundll32.exe "[%WINDOWS%]\ohevegub.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnawo=rundll32.exe "[%WINDOWS%]\ogahigus.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f86b11f3-0ce1-475f-9541-5329bf7b3597}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hezazilum=Rundll32.exe "[%SYSTEM%]\loyodipo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hifizikod=Rundll32.exe "[%SYSTEM%]\jasapule.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d556a47f-ac73-4545-899d-b6a34b1cfd37}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, heketutip={d556a47f-ac73-4545-899d-b6a34b1cfd37}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 5c45f932=rundll32.exe "[%SYSTEM%]\hqybtanp.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yabusadima="Rundll32.exe" "[%COMMON_APPDATA%]\pubulasi\pubulasi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wjivug=rundll32.exe "[%WINDOWS%]\iyewemul.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olububitu=rundll32.exe "[%WINDOWS%]\orapekamos.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ivivejizuqufuna=rundll32.exe "[%WINDOWS%]\oqamujoyexa.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tlaho=rundll32.exe "[%WINDOWS%]\ekobosuy.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSServer=rundll32.exe [%PROFILE_TEMP%]\awtsPGVp.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, cmds=rundll32.exe [%PROFILE_TEMP%]\hgGabYRH.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, BM7f0c2689=Rundll32.exe "[%PROFILE_TEMP%]\ifyxnngb.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kumesibak=Rundll32.exe "[%SYSTEM%]\saperiho.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {46a88135-c698-4042-852a-713067b954d2}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zeberuzed={46a88135-c698-4042-852a-713067b954d2}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fe381b81-42df-4c9e-af32-70f31e3f2e5d}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fihonajep={fe381b81-42df-4c9e-af32-70f31e3f2e5d}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4c6ebbce-05d8-4bda-b1be-6dc6b1aba51b}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fonarukuk={4c6ebbce-05d8-4bda-b1be-6dc6b1aba51b}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\geBstrSj.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 54a58e5f=rundll32.exe "[%PROFILE_TEMP%]\fdqcgdcl.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cmds=rundll32.exe [%PROFILE_TEMP%]\efcBUKBq.dll,c
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkcz32.rom,qGTPJyx
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Klituqi=rundll32.exe "[%WINDOWS%]\ukuraxon.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMff131e69=Rundll32.exe "[%SYSTEM%]\togigazo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fc202df5=rundll32.exe "[%SYSTEM%]\niyihese.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kizotoliwo=Rundll32.exe "[%SYSTEM%]\tomavita.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gubenolav=Rundll32.exe "[%SYSTEM%]\jeribejo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fae12580-e071-4647-93a7-a5657e2a8815}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tojanigov={fae12580-e071-4647-93a7-a5657e2a8815}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {7d3c7fa8-2270-4e6e-8758-87f33b8b3721}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f6725edc-93ff-479b-a98b-c5b9e3c44864}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, akycos=RUNDLL32.EXE [%SYSTEM%]\msybexig.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vkqzej=RUNDLL32.EXE [%SYSTEM%]\msjuehus.dll,w
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {affb51c0-f241-46fb-a643-468b849b53e2}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rubigotej={affb51c0-f241-46fb-a643-468b849b53e2}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ajosepaz=rundll32.exe "[%WINDOWS%]\acagixor.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nusitenog=Rundll32.exe "[%SYSTEM%]\duvapame.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hmatasudevibe=rundll32.exe "[%WINDOWS%]\epadabex.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hawelalos=Rundll32.exe "[%SYSTEM%]\tabisape.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0a9481a9-11a8-4c60-82c3-faa7dc7d6156}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zufepeneh={0a9481a9-11a8-4c60-82c3-faa7dc7d6156}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {b53c09ac-a483-4db3-86b8-dde752284468}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vawefisom={b53c09ac-a483-4db3-86b8-dde752284468}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yvovolib=rundll32.exe "[%WINDOWS%]\iqugesagubinago.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM33911e52=Rundll32.exe "[%SYSTEM%]\cpnynygg.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 34998f23=rundll32.exe "[%SYSTEM%]\ivhvewic.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yojuyosip=Rundll32.exe "[%SYSTEM%]\sizugomu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qzojoway=rundll32.exe "[%WINDOWS%]\ivodozox.dll",Startup
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {214fb02a-266f-49ca-8cc8-74e29d8aa802}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, ruvolapam={214fb02a-266f-49ca-8cc8-74e29d8aa802}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gowufowij=Rundll32.exe "[%SYSTEM%]\pupuzuri.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e2a26a32-95bf-483d-bcf9-a7f0adbad951}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, takizagah={e2a26a32-95bf-483d-bcf9-a7f0adbad951}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hifizikod=Rundll32.exe "[%SYSTEM%]\jikuloso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {841be07c-1329-4091-bf29-7e3b3bc1dccc}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rofobehib={841be07c-1329-4091-bf29-7e3b3bc1dccc}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, noyokolup=Rundll32.exe "[%SYSTEM%]\hubewapo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8c39dbb1-06f7-4a69-8108-cd6d8e212709}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tizomiyah={8c39dbb1-06f7-4a69-8108-cd6d8e212709}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kumesibak=Rundll32.exe "[%SYSTEM%]\towohevi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {be62ceb8-73cc-43c0-9bf0-e3da55d135aa}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dafidedez={be62ceb8-73cc-43c0-9bf0-e3da55d135aa}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FC0CE7.exe=[%PROFILE_TEMP%]\_A00FC0CE7.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, liyipavom=Rundll32.exe "[%SYSTEM%]\japadesu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zafiwefazo=Rundll32.exe "mikasova.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9f52bcd9-81c5-4580-ba09-6162be66efd9}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jihiwogeg={9f52bcd9-81c5-4580-ba09-6162be66efd9}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfc32.rom,GNhAhFZIbC
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F2A0032.exe=[%PROFILE_TEMP%]\_A00F2A0032.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winffq32.rom,EtNffDZj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1.exe=[%SYSTEM%]\YUR1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1.exe=[%SYSTEM%]\YUR1.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2.exe=[%SYSTEM%]\YUR2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2.exe=[%SYSTEM%]\YUR2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR31.exe=[%SYSTEM%]\YUR31.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2E.exe=[%SYSTEM%]\YUR2E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2F.exe=[%SYSTEM%]\YUR2F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR31.exe=[%SYSTEM%]\YUR31.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2E.exe=[%SYSTEM%]\YUR2E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2F.exe=[%SYSTEM%]\YUR2F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4.exe=[%SYSTEM%]\YUR4.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3.exe=[%SYSTEM%]\YUR3.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4.exe=[%SYSTEM%]\YUR4.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3.exe=[%SYSTEM%]\YUR3.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5.exe=[%SYSTEM%]\YUR5.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5.exe=[%SYSTEM%]\YUR5.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR30.exe=[%SYSTEM%]\YUR30.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR30.exe=[%SYSTEM%]\YUR30.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6.exe=[%SYSTEM%]\YUR6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6.exe=[%SYSTEM%]\YUR6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR36.exe=[%SYSTEM%]\YUR36.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3E.exe=[%SYSTEM%]\YUR3E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3E.exe=[%SYSTEM%]\YUR3E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR36.exe=[%SYSTEM%]\YUR36.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {06E12C36-760F-4D92-8509-5E5DBF12C423}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {4f729499-7674-43e4-bfff-672e58777a39}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a2587760-63ed-4ef5-b30d-a7c5b53ee597}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, qblkho=RUNDLL32.EXE [%SYSTEM%]\msztucot.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Wlulu=rundll32.exe "[%WINDOWS%]\umabesitef.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wlulu=rundll32.exe "[%WINDOWS%]\umabesitef.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Oyigojotohunica=rundll32.exe "[%WINDOWS%]\azicuhuh.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Spaficoziqowukaz=rundll32.exe "[%WINDOWS%]\ohimesum.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ewaremiz=rundll32.exe "[%WINDOWS%]\uruqabezaxeqe.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qsayoyivoqub=rundll32.exe "[%WINDOWS%]\otupikep.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kesetotev=Rundll32.exe "[%SYSTEM%]\fijiveni.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hofesavega=Rundll32.exe "gehudehe.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5b7658d7-4143-489f-8bd6-e6c6d3106ae4}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jiroguzas={5b7658d7-4143-489f-8bd6-e6c6d3106ae4}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\waliriro\waliriro.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ffufi=rundll32.exe "[%WINDOWS%]\olozuzese.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xjetetoxicedojod=rundll32.exe "[%WINDOWS%]\irabemojokesiy.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kcukeseb=rundll32.exe "[%WINDOWS%]\iwesarevegubelix.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hofesavega=Rundll32.exe "gehudehe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fniviloxegirif=rundll32.exe "[%WINDOWS%]\evuhaqevemi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Frikelikolakefup=rundll32.exe "[%WINDOWS%]\ujomiruxe.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pxesax=rundll32.exe "[%WINDOWS%]\uqizavuyu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ahurusudihoso=rundll32.exe "[%WINDOWS%]\iziyocadisayiko.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kumesibak=Rundll32.exe "[%SYSTEM%]\dikuwewu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {cd93f571-b98d-41c9-98a3-024ed1d593c5}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fitigikul={cd93f571-b98d-41c9-98a3-024ed1d593c5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, liyipavom=Rundll32.exe "[%SYSTEM%]\mofewobi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rdafebiwel=rundll32.exe "[%WINDOWS%]\arocogir.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, reyumabisi=Rundll32.exe "[%SYSTEM%]\faviguzu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nanobasot=Rundll32.exe "[%SYSTEM%]\volizita.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4c49e759-4b97-4678-acaa-60dec3a96cd9}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rabogukeh={4c49e759-4b97-4678-acaa-60dec3a96cd9}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {87e2236a-9089-4c4b-b0ad-75df6a77125d}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gijejiraf={87e2236a-9089-4c4b-b0ad-75df6a77125d}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR312D.exe=[%SYSTEM%]\YUR312D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR312D.exe=[%SYSTEM%]\YUR312D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3AED.exe=[%SYSTEM%]\YUR3AED.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD44E.exe=[%SYSTEM%]\YURD44E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7E91.exe=[%SYSTEM%]\YUR7E91.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE48.exe=[%SYSTEM%]\YURE48.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE48.exe=[%SYSTEM%]\YURE48.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB00C.exe=[%SYSTEM%]\YURB00C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2E5F.exe=[%SYSTEM%]\YUR2E5F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBEBC.exe=[%SYSTEM%]\YURBEBC.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCC53.exe=[%SYSTEM%]\YURCC53.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDD63.exe=[%SYSTEM%]\YURDD63.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA50.exe=[%SYSTEM%]\YURCA50.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF03.exe=[%SYSTEM%]\YURAF03.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5.exe=[%SYSTEM%]\YURB5.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5.exe=[%SYSTEM%]\YURB5.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREA00.exe=[%SYSTEM%]\YUREA00.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUREA00.exe=[%SYSTEM%]\YUREA00.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCE75.exe=[%SYSTEM%]\YURCE75.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD097.exe=[%SYSTEM%]\YURD097.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF41.exe=[%SYSTEM%]\YURAF41.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC6E.exe=[%SYSTEM%]\YURC6E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD384.exe=[%SYSTEM%]\YURD384.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD374.exe=[%SYSTEM%]\YURD374.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD374.exe=[%SYSTEM%]\YURD374.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCC53.exe=[%SYSTEM%]\YURCC53.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4DB.exe=[%SYSTEM%]\YURD4DB.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4DB.exe=[%SYSTEM%]\YURD4DB.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR37B2.exe=[%SYSTEM%]\YUR37B2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR37B2.exe=[%SYSTEM%]\YUR37B2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB412.exe=[%SYSTEM%]\YURB412.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3571.exe=[%SYSTEM%]\YUR3571.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD42F.exe=[%SYSTEM%]\YURD42F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBFA6.exe=[%SYSTEM%]\YURBFA6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB0CB.exe=[%SYSTEM%]\YURB0CB.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hmcisw=RUNDLL32.EXE [%SYSTEM%]\mskzuecw.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lzepayazada=rundll32.exe "[%WINDOWS%]\iqahukuru.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gloqaxuwi=rundll32.exe "[%WINDOWS%]\okufawina.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tujapayek=Rundll32.exe "[%SYSTEM%]\jiluneja.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1bb2fd70-8030-4dc9-8006-37153649c485}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, puyotodes={1bb2fd70-8030-4dc9-8006-37153649c485}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\gikosiha\gikosiha.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sgapenoyiv=rundll32.exe "[%WINDOWS%]\eyekanugazixo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vkqzej=RUNDLL32.EXE [%WINDOWS%]\TEMP\msjuehus.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sofozetoz=Rundll32.exe "[%SYSTEM%]\yifiroso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {19c60c1c-639f-413e-8d4c-a2304bbe9600}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yesimomad={19c60c1c-639f-413e-8d4c-a2304bbe9600}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cziriqiyon=rundll32.exe "[%WINDOWS%]\udazitoh.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hjoyerewehapa=rundll32.exe "[%WINDOWS%]\oxemuyix.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vipopimija=Rundll32.exe "[%COMMON_APPDATA%]\matizava\matizava.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vogevagup=Rundll32.exe "[%SYSTEM%]\neduwozi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fbdc237d-5462-44a9-8a03-0bb0977fae3d}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vogibetid={fbdc237d-5462-44a9-8a03-0bb0977fae3d}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olububitu=rundll32.exe "[%WINDOWS%]\efoyiniy.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gowufowij=Rundll32.exe "[%SYSTEM%]\wukanipo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4387d621-3427-4f0d-9ae4-c87fd3e022de}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fivohifeg={4387d621-3427-4f0d-9ae4-c87fd3e022de}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, butarogad=Rundll32.exe "[%SYSTEM%]\wutupile.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ae29f360-56bc-4363-8aac-3d06d0e9cf92}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hehajoroj={ae29f360-56bc-4363-8aac-3d06d0e9cf92}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a5f1f916-d70d-44f0-ad94-d374957c4dd8}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fosobimas={a5f1f916-d70d-44f0-ad94-d374957c4dd8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c1094ce3-3726-480a-9f8b-4d8522ca72fa}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yajifetef={c1094ce3-3726-480a-9f8b-4d8522ca72fa}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {85ab8adb-0757-4ac8-9d06-816713df10e1}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pupapinop={85ab8adb-0757-4ac8-9d06-816713df10e1}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {eb662af6-d484-4aa7-9b19-d51e02f44ebd}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lobevibul={eb662af6-d484-4aa7-9b19-d51e02f44ebd}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, butarogad=Rundll32.exe "[%SYSTEM%]\gukuyesa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9740f4c6-3cde-4ad8-a579-aa6df2b0e5a4}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, makikokoj={9740f4c6-3cde-4ad8-a579-aa6df2b0e5a4}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCE75.exe=[%SYSTEM%]\YURCE75.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDD63.exe=[%SYSTEM%]\YURDD63.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD42F.exe=[%SYSTEM%]\YURD42F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDDDF.exe=[%SYSTEM%]\YURDDDF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1402.exe=[%SYSTEM%]\YUR1402.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFD47.exe=[%SYSTEM%]\YURFD47.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE0D2.exe=[%SYSTEM%]\YURE0D2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR90A2.exe=[%SYSTEM%]\YUR90A2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4571.exe=[%SYSTEM%]\YUR4571.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E3E.exe=[%SYSTEM%]\YUR4E3E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6977.exe=[%SYSTEM%]\YUR6977.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAA3A.exe=[%SYSTEM%]\YURAA3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR282C.exe=[%SYSTEM%]\YUR282C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR60A6.exe=[%SYSTEM%]\YUR60A6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD545.exe=[%SYSTEM%]\YURD545.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB8AE.exe=[%SYSTEM%]\YURB8AE.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2DE9.exe=[%SYSTEM%]\YUR2DE9.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB34A.exe=[%SYSTEM%]\YURB34A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8240.exe=[%SYSTEM%]\YUR8240.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFB52.exe=[%SYSTEM%]\YURFB52.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR59F1.exe=[%SYSTEM%]\YUR59F1.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR24AF.exe=[%SYSTEM%]\YUR24AF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBFA6.exe=[%SYSTEM%]\YURBFA6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF03.exe=[%SYSTEM%]\YURAF03.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B7A.exe=[%SYSTEM%]\YUR2B7A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1F0C.exe=[%SYSTEM%]\YUR1F0C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5E.exe=[%SYSTEM%]\YURB5E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3AED.exe=[%SYSTEM%]\YUR3AED.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD44E.exe=[%SYSTEM%]\YURD44E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA50.exe=[%SYSTEM%]\YURCA50.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD097.exe=[%SYSTEM%]\YURD097.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC57F.exe=[%SYSTEM%]\YURC57F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3DFC.exe=[%SYSTEM%]\YUR3DFC.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD384.exe=[%SYSTEM%]\YURD384.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCCDF.exe=[%SYSTEM%]\YURCCDF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC976.exe=[%SYSTEM%]\YURC976.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7E91.exe=[%SYSTEM%]\YUR7E91.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC6E.exe=[%SYSTEM%]\YURC6E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8246.exe=[%SYSTEM%]\YUR8246.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7F24.exe=[%SYSTEM%]\YUR7F24.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE10.exe=[%SYSTEM%]\YURFE10.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR51B7.exe=[%SYSTEM%]\YUR51B7.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15C8.exe=[%SYSTEM%]\YUR15C8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR92EF.exe=[%SYSTEM%]\YUR92EF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA12B.exe=[%SYSTEM%]\YURA12B.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR266D.exe=[%SYSTEM%]\YUR266D.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA54.exe=[%SYSTEM%]\YURCA54.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4FA6.exe=[%SYSTEM%]\YUR4FA6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4E8.exe=[%SYSTEM%]\YURD4E8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5A3A.exe=[%SYSTEM%]\YUR5A3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDF7C.exe=[%SYSTEM%]\YURDF7C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR64CD.exe=[%SYSTEM%]\YUR64CD.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6F42.exe=[%SYSTEM%]\YUR6F42.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR284E.exe=[%SYSTEM%]\YUR284E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAC68.exe=[%SYSTEM%]\YURAC68.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBB43.exe=[%SYSTEM%]\YURBB43.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBF3A.exe=[%SYSTEM%]\YURBF3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR79B2.exe=[%SYSTEM%]\YUR79B2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDDDF.exe=[%SYSTEM%]\YURDDDF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1402.exe=[%SYSTEM%]\YUR1402.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFD47.exe=[%SYSTEM%]\YURFD47.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE0D2.exe=[%SYSTEM%]\YURE0D2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR90A2.exe=[%SYSTEM%]\YUR90A2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4571.exe=[%SYSTEM%]\YUR4571.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E3E.exe=[%SYSTEM%]\YUR4E3E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6977.exe=[%SYSTEM%]\YUR6977.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAA3A.exe=[%SYSTEM%]\YURAA3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR282C.exe=[%SYSTEM%]\YUR282C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR60A6.exe=[%SYSTEM%]\YUR60A6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD545.exe=[%SYSTEM%]\YURD545.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB8AE.exe=[%SYSTEM%]\YURB8AE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2DE9.exe=[%SYSTEM%]\YUR2DE9.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB34A.exe=[%SYSTEM%]\YURB34A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8240.exe=[%SYSTEM%]\YUR8240.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFB52.exe=[%SYSTEM%]\YURFB52.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR59F1.exe=[%SYSTEM%]\YUR59F1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR24AF.exe=[%SYSTEM%]\YUR24AF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B7A.exe=[%SYSTEM%]\YUR2B7A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1F0C.exe=[%SYSTEM%]\YUR1F0C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5E.exe=[%SYSTEM%]\YURB5E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC57F.exe=[%SYSTEM%]\YURC57F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3DFC.exe=[%SYSTEM%]\YUR3DFC.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCCDF.exe=[%SYSTEM%]\YURCCDF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC976.exe=[%SYSTEM%]\YURC976.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8246.exe=[%SYSTEM%]\YUR8246.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7F24.exe=[%SYSTEM%]\YUR7F24.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE10.exe=[%SYSTEM%]\YURFE10.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR51B7.exe=[%SYSTEM%]\YUR51B7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15C8.exe=[%SYSTEM%]\YUR15C8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR92EF.exe=[%SYSTEM%]\YUR92EF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA12B.exe=[%SYSTEM%]\YURA12B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR266D.exe=[%SYSTEM%]\YUR266D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA54.exe=[%SYSTEM%]\YURCA54.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4FA6.exe=[%SYSTEM%]\YUR4FA6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4E8.exe=[%SYSTEM%]\YURD4E8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5A3A.exe=[%SYSTEM%]\YUR5A3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDF7C.exe=[%SYSTEM%]\YURDF7C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR64CD.exe=[%SYSTEM%]\YUR64CD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6F42.exe=[%SYSTEM%]\YUR6F42.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR284E.exe=[%SYSTEM%]\YUR284E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAC68.exe=[%SYSTEM%]\YURAC68.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBB43.exe=[%SYSTEM%]\YURBB43.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE794.exe=[%SYSTEM%]\YURE794.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFABE.exe=[%SYSTEM%]\YURFABE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8000.exe=[%SYSTEM%]\YUR8000.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR542.exe=[%SYSTEM%]\YUR542.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8A75.exe=[%SYSTEM%]\YUR8A75.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2133.exe=[%SYSTEM%]\YUR2133.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA666.exe=[%SYSTEM%]\YURA666.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B98.exe=[%SYSTEM%]\YUR2B98.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB3E3.exe=[%SYSTEM%]\YURB3E3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBF3A.exe=[%SYSTEM%]\YURBF3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR79B2.exe=[%SYSTEM%]\YUR79B2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnawo=rundll32.exe "[%WINDOWS%]\afabivepasuyax.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {DC192567-65F9-4AB6-ADB7-E13575F81726}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMfb37e6c1=Rundll32.exe "[%SYSTEM%]\njfigvkd.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yiyarobuwa=Rundll32.exe "[%SYSTEM%]\votojoye.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mopanoboy=Rundll32.exe "[%SYSTEM%]\pebudeba.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {aea5f5a6-9e94-4144-a0a2-241954838f08}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, geramobil={aea5f5a6-9e94-4144-a0a2-241954838f08}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zovafiyuf=Rundll32.exe "[%SYSTEM%]\zukepive.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fc808754-fc32-4c14-8e4a-873f3f34137c}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rogeyamid={fc808754-fc32-4c14-8e4a-873f3f34137c}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {2eadd8bd-1e3e-4841-bde5-70e274cd2eb4}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hagebimis={2eadd8bd-1e3e-4841-bde5-70e274cd2eb4}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f1dc1171-b033-4ef3-8474-a7b6eea169a6}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tinetazol={f1dc1171-b033-4ef3-8474-a7b6eea169a6}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1672f7bc-e404-44fe-81ba-e5ff2f661ea0}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, ditowoyij={1672f7bc-e404-44fe-81ba-e5ff2f661ea0}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, laneliwah=Rundll32.exe "[%SYSTEM%]\yerehute.dll",a
Scan your system registry for FREE
Comments
