Top 10 Alerts
Latest 10 Malware Files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wsomawogepukogib=rundll32.exe "[%LOCAL_APPDATA%]\idefudocayewidu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzpm32.rom,ApyGnjzKuEAL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Myilic=rundll32.exe "[%LOCAL_APPDATA%]\imuhifopawuqewi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwts32.rom,bqPCjq
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wlukok=rundll32.exe "[%WINDOWS%]\imoxacum.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nvikuca=rundll32.exe "[%WINDOWS%]\irugubinagoguta.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jatukusefo=Rundll32.exe "[%SYSTEM%]\naziniku.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Opexaso=rundll32.exe "[%LOCAL_APPDATA%]\ofixamecusura.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fhoci=rundll32.exe "[%LOCAL_APPDATA%]\line132.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvna32.rom,OuhEiaFNfR
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ydemomixe=rundll32.exe "[%WINDOWS%]\urojopevo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ffoqizicesojolo=rundll32.exe "[%LOCAL_APPDATA%]\ozifasoc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winaco32.rom,ggunDw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwss32.rom,nKVXLmAOJI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bcofiduce=rundll32.exe "[%WINDOWS%]\idizeqeq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzpm32.rom,YjPInnR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzyt32.rom,qICqGLRqdcJ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xsetuvacasatoxol=rundll32.exe "[%WINDOWS%]\atoribec.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {4fd130ae-d8d2-4137-a680-c5cf233be545}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {11241072-58bb-40ce-9171-0b2bdfb22e97}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugy32.rom,cOieXcDUjOCM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhdk32.rom,LkTMnNl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlta32.rom,AOpalFYpVk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winghk32.rom,lViVWpo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkep32.rom,puonmzZFB
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {a12d780a-5ba0-4418-ad5e-380dd70a7215}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyza32.rom,FqlyYwBxrcoU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uvexiboxavowi=rundll32.exe "[%LOCAL_APPDATA%]\ehonelanavecazu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winohf32.rom,yXmCpCijS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Myilic=rundll32.exe "[%LOCAL_APPDATA%]\orenusij.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlrl32.rom,XPIGwMho
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfecariz=rundll32.exe "[%LOCAL_APPDATA%]\uhafeyut.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsdb32.rom,KFssEaFu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincuv32.rom,IFUKZGZ
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\kuvarilo.dll
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lijisiteva=Rundll32.exe "[%SYSTEM%]\funeroga.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuvz32.rom,QfdlwZYbB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjmo32.rom,vyYZzcSzgxT
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dzijenezud=rundll32.exe "[%WINDOWS%]\uzamayobiquy.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gmoxugupi=rundll32.exe "[%LOCAL_APPDATA%]\utepilid.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winodz32.rom,XIPRsUr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwpf32.rom,YxWCSFi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ngasi=rundll32.exe "[%LOCAL_APPDATA%]\ehulusasiy.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nlaxopi=rundll32.exe "[%WINDOWS%]\usujacoyu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winajk32.rom,qkYbbtyxETQz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhdk32.rom,SIFQKDzlgmW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windwl32.rom,acGZgYd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincaz32.rom,pldnMEpqXDRv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincaz32.rom,yqbTcBi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqyu32.rom,ctXtPkQLofIl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vnihuce=rundll32.exe "[%LOCAL_APPDATA%]\abituzaruqehi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwiyovonegifopa=rundll32.exe "[%WINDOWS%]\ukiketom.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winees32.rom,LMdmWzbeWo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jhiziquw=rundll32.exe "[%LOCAL_APPDATA%]\uhomonusij.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {20e59ca2-78b0-4431-bfd0-d8b5adfc0056}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Clahovanilecolay=rundll32.exe "[%WINDOWS%]\uralesol.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpbz32.rom,GAylmoLJVJl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzir32.rom,eZNrPRAqiNa
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinDE.exe=[%SYSTEM%]\WinDE.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinDD.exe=[%SYSTEM%]\WinDD.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD9.exe=[%SYSTEM%]\WinD9.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD8.exe=[%SYSTEM%]\WinD8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD7.exe=[%SYSTEM%]\WinD7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinDE.exe=[%SYSTEM%]\WinDE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinDD.exe=[%SYSTEM%]\WinDD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD9.exe=[%SYSTEM%]\WinD9.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD8.exe=[%SYSTEM%]\WinD8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \WinD7.exe=[%SYSTEM%]\WinD7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fwutonamevede=rundll32.exe "[%WINDOWS%]\srevfrev.dll",Startup
- HKEY_USERS\S-1-5-21-4029429515-3768809317-1917240626-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fwutonamevede=rundll32.exe "[%WINDOWS%]\srevfrev.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpan32.rom,KoiJCJaflre
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineww32.rom,EzQpMLlMUnXK
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhwb32.rom,aVtrdt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwuq32.rom,XerGsP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhlt32.rom,VCzWsxnXsS
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {63ab48c9-01a8-495c-8194-a715db8a37a2}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjsf32.rom,yltOQAfdCI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrmj32.rom,LpGhBXvaCFtk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlvh32.rom,ddxrlBAVUPpe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwgp32.rom,ppyCXlzVF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqvg32.rom,pmTziIUMrE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winboy32.rom,GFUEMgfHTui
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbgo32.rom,JuosDa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpqf32.rom,SrClAjVQNJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windwl32.rom,XHcSqchveGW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbtn32.rom,EejpWGaf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfav32.rom,cyeokg
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvfe32.rom,KDEDbAvHDPi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingaw32.rom,dBivVf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhsx32.rom,krGjZPka
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winruq32.rom,vyDRjaoUipa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Csoyamujoyexamec=rundll32.exe "[%LOCAL_APPDATA%]\oqumewobeyi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kzuqotuqol=rundll32.exe "[%LOCAL_APPDATA%]\KBDatre.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fhududepi=rundll32.exe "[%SYSTEM%]\config\systemprofile\AppData\Local\ukicopol.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiij32.rom,hFJVsGxIKd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winizn32.rom,ZxTAPGfkMuiT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,fIccyzzPBkf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincaz32.rom,xgFMTC
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vigekufiwa=Rundll32.exe "[%SYSTEM%]\bafovudu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vigekufiwa=Rundll32.exe "[%SYSTEM%]\bafovudu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapf32.rom,GReXPyN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjfb32.rom,OEQgHodDW
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xwubigusud=rundll32.exe "[%WINDOWS%]\atavocog.dll",Startup
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ruzafaveda=Rundll32.exe "[%SYSTEM%]\zutozube.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ruzafaveda=Rundll32.exe "[%SYSTEM%]\zutozube.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineoy32.rom,sHvDfrm
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzpm32.rom,QxlWtn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvct32.rom,uqPgaKCNE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnnv32.rom,GjwTMgsqtVl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmgy32.rom,hsqzUEgQVfkj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbwu32.rom,ejlaLoWQicz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmdb32.rom,DmRyhkiWXfjq
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kimepagup=Rundll32.exe "[%SYSTEM%]\lohugehi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1f338d32-89b8-4ad4-bd10-55497d13b460}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bepijotel={1f338d32-89b8-4ad4-bd10-55497d13b460}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fa3327f2-7c52-44f4-8f79-9cb402a6abab}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kotakovum={fa3327f2-7c52-44f4-8f79-9cb402a6abab}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, konukudini=Rundll32.exe "waseyibe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xjuzuzojazij=rundll32.exe "[%WINDOWS%]\orekupugebudax.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvdu32.rom,hKIHQT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwiz32.rom,rkREoEgYWT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ysajokezez=rundll32.exe "[%WINDOWS%]\jeselt2.dll",Startup
- HKEY_USERS\S-1-5-21-527237240-746137067-725345543-3170\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ysajokezez=rundll32.exe "[%WINDOWS%]\jeselt2.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winznh32.rom,QVtBeS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwujitemekoku=rundll32.exe "[%LOCAL_APPDATA%]\opayihitamaga.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,BOoBFWFmfOty
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winith32.rom,aUvkEPDpkyea
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfecariz=rundll32.exe "[%LOCAL_APPDATA%]\ohesadiyurega.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigi32.rom,OGuZDtk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winorh32.rom,ESpCXZfxMMR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintfn32.rom,vIQQeSY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,eSTeta
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhsx32.rom,QMqkNwBDhjI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxfp32.rom,msdNuNgeZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxhs32.rom,TnlaJNDdsMB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMa7e9c2ff=Rundll32.exe "[%COMMON_APPDATA%]\hutikovu\hutikovu.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a4daf163=rundll32.exe "[%COMMON_APPDATA%]\vetidika\vetidika.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MS Juan=rundll32 "[%PROFILE_TEMP%]\yezplg.dll",run
- HKEY_USERS\S-1-5-21-2299526801-3753622128-3698376549-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ntitetoh=rundll32.exe "[%WINDOWS%]\adigehusucamunum.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvhw32.rom,SQZVRyROzpjy
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqvg32.rom,LkvmzRbdZAn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kwujitemekoku=rundll32.exe "[%LOCAL_APPDATA%]\epilesoq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrv32.rom,EZFAMulre
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,IdCHaa
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xziforawum=rundll32.exe "[%WINDOWS%]\evigicey.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winghk32.rom,vNTzGSogN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Twasoherajozap=rundll32.exe "[%WINDOWS%]\avedujug.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sbutahas=rundll32.exe "[%WINDOWS%]\kbnvrsv.dll",Startup
- HKEY_USERS\S-1-5-21-2659374890-3187737282-1820904621-3247\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sbutahas=rundll32.exe "[%WINDOWS%]\kbnvrsv.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrji32.rom,fYhPPpBqWXQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winees32.rom,rxtkSzwlIFHg
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhjn32.rom,CDgzlGVEI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkzh32.rom,nKVXLmAOJI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjes32.rom,EMqpXzFdf
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_USERS\S-1-5-21-2299526801-3753622128-3698376549-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gebaliwubo=Rundll32.exe "[%SYSTEM%]\wejupaza.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwcu32.rom,IRjaavTc
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {e66f2638-720e-4db7-8224-7ed8942a5594}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jxiyeho=rundll32.exe "[%WINDOWS%]\ajuhamiroluqoti.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ypocekegubixudum=rundll32.exe "[%WINDOWS%]\ojovanuzafavina.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhlt32.rom,DmRyhkiWXfjq
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Klunehibewavate=rundll32.exe "[%WINDOWS%]\dlmbms.dll",Startup
- HKEY_USERS\S-1-5-21-854245398-630328440-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Klunehibewavate=rundll32.exe "[%WINDOWS%]\dlmbms.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nzutotevokomas=rundll32.exe "[%WINDOWS%]\ewudefayoqevi.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, awwuvtaudio=rundll32.exe "wvvsqp.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, qonnljaudio=rundll32.exe "wvvsqp.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cbxxvssys=rundll32.exe "vtuvvw.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnkjhgaudio=rundll32.exe "wvvsqp.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcbayasys=rundll32.exe "vtuvvw.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnkjhgaudio=rundll32.exe "wvvsqp.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fcbayasys=rundll32.exe "vtuvvw.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, opoonnaudio=rundll32.exe "yabcbb.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, geecyxaudio=rundll32.exe "yabcbb.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnomkisys=rundll32.exe "vtuvvw.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windnb32.rom,DPPqZNI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwss32.rom,jFDCdhl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqez32.rom,eSIjKENgbNcZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigd32.rom,OnjtAt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winigd32.rom,wGDvrF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,kGzeGWLcfHpI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsad32.rom,QlptgfNeyqJD
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\dedezaye.dll,[%SYSTEM%]\miposaho.dll,[%SYSTEM%]\vevinaho.dll,[%SYSTEM%]\runivito.dll
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfcb32.rom,ROEHXGwnNMl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmxr32.rom,ppyCXlzVF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winghk32.rom,NcrBiffHZ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eleyosi=rundll32.exe "[%WINDOWS%]\anebikehejonuq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yhicapaw=rundll32.exe "[%WINDOWS%]\olubihebajoganis.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0c804a81=rundll32.exe "[%SYSTEM%]\kemtlube.dll",b
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSSMSGS=rundll32.exe wineay32.rom,xsYmOLW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winepm32.rom,xsYmOLW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingaw32.rom,DtPyiUuJgM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxuj32.rom,wySUPZItp
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fnajapoyowukatiy=rundll32.exe "[%WINDOWS%]\sdtiz32.dll",Startup
- HKEY_USERS\S-1-5-21-4268373108-3500565780-177044704-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fnajapoyowukatiy=rundll32.exe "[%WINDOWS%]\sdtiz32.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfnw32.rom,SXcarofqjNNK
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincuv32.rom,JPWjeRttB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrv32.rom,AXVXzzrcpw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winulo32.rom,rmnVHCrLA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjfp32.rom,OEQgHodDW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjdi32.rom,NIsybGQ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {1f5f0160-20d8-4c4f-af4c-02ad925015cd}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tcono=rundll32.exe "[%WINDOWS%]\enscdrd.dll",Startup
- HKEY_USERS\S-1-5-21-1495930392-540592891-2150735957-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tcono=rundll32.exe "[%WINDOWS%]\enscdrd.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,kQRgFNiaHh
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qquxug=rundll32.exe "[%LOCAL_APPDATA%]\uguvusuk.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Avawulucasicuzoj=rundll32.exe "[%WINDOWS%]\okexekocubu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfnu32.rom,fFFJaPdhhKgL
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljkkhhsys=rundll32.exe "hggday.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ljkkhhsys=rundll32.exe "hggday.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ldari=rundll32.exe "[%WINDOWS%]\exuvolupufaxawir.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ldobu=rundll32.exe "[%WINDOWS%]\atolanunevif.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mravoqo=rundll32.exe "[%WINDOWS%]\umahumen.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkep32.rom,sxyWGwmZpX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Lhusiqama=rundll32.exe "[%LOCAL_APPDATA%]\uyesoxebuxe.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winocy32.rom,RLcFiW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfc32.rom,craDXTC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,GUTTRqpErI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzws32.rom,MYMPGbYfBl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoot32.rom,raKzJwFkxXC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincba32.rom,HGcelWwrDSHl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,cUFnEv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winohf32.rom,onMlqJY
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ftapanecatevihe=rundll32.exe "[%WINDOWS%]\exesayer.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzyt32.rom,bwoKxqKWoSd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqxv32.rom,reTUqrOKubu
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winioa32.rom,hzcdTAH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoqv32.rom,JJTnqmZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winumd32.rom,fXpEiV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winytj32.rom,efwSSDSOVV
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kejapeguv=Rundll32.exe "[%SYSTEM%]\huhugafe.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwpf32.rom,lEhDytjGL
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fopedikew=Rundll32.exe "[%SYSTEM%]\titohoru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ace0102d-ff4e-4171-882c-89834b7acce2}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, puyavesel={ace0102d-ff4e-4171-882c-89834b7acce2}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Inujeweril=rundll32.exe "[%LOCAL_APPDATA%]\awifakoroxaz.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Inujeweril=rundll32.exe "[%LOCAL_APPDATA%]\awifakoroxaz.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vhaqohoqusiwojiy=rundll32.exe "[%LOCAL_APPDATA%]\cmftre.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfoa32.rom,GRmKtSU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,bJQvLxVad
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnfi32.rom,gvcyOxWTR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvsh32.rom,guRemj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eyamesogol=rundll32.exe "[%WINDOWS%]\asajihum.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bvukozuvovepur=rundll32.exe "[%LOCAL_APPDATA%]\usodakipipadaxu.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnmi32.rom,fHHWcxAUS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqqh32.rom,tlvAMgKCYXt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrj32.rom,ngWasOJ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrmj32.rom,bNiQIpck
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hretedekos=rundll32.exe "[%LOCAL_APPDATA%]\agowubixax.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winppw32.rom,dfuwEKaI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjdi32.rom,iCejsLLUFTC
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Brujuhi=rundll32.exe "[%WINDOWS%]\apemopajeboyorad.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winswo32.rom,AdrTXaFM
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMab06601e=Rundll32.exe "[%SYSTEM%]\sogidona.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, a8355382=rundll32.exe "[%SYSTEM%]\kokejahu.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gukipafenu=Rundll32.exe "[%SYSTEM%]\suzezufu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpad32.rom,WhpVbag
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winaco32.rom,ZBPhczvq
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjnu32.rom,dNuSzeM
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pukemajovo=Rundll32.exe "majiriho.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows, AppInit_DLLs=[%SYSTEM%]\guyuzera.dll,[%SYSTEM%]\wodezoga.dll
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wujesasoga=Rundll32.exe "[%SYSTEM%]\petolahu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wujesasoga=Rundll32.exe "[%SYSTEM%]\petolahu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mviridayiyukejub=rundll32.exe "[%LOCAL_APPDATA%]\aqiwiyelukigatek.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winofw32.rom,WfwkCzl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkep32.rom,PIKADP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjrj32.rom,BjdSgdoWSX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwyt32.rom,FFtjmHNfZFF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlwm32.rom,eVAIVgSuG
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {ff64059d-4d2a-4d6b-aa0f-2ee4a2fe3856}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {8a290466-39bd-419b-93db-0e9599506654}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, efcbbxsys=rundll32.exe "awuspn.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintpx32.rom,WREanTFtT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windzt32.rom,KEjFyFDpIE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvuw32.rom,ATBNjDi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlvh32.rom,QcRZprtIB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincba32.rom,ClFCLiyKfc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnfi32.rom,WMpNexE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winddp32.rom,reyvgAUHjv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnaj32.rom,gSxPPKvIOnj
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Trodosaceve=rundll32.exe "[%WINDOWS%]\eqoyogom.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winggf32.rom,yXmCpCijS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuwf32.rom,LmAOYbOIbUk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS="rundll32.exe" wineys32.rom,STBKQoDn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winypt32.rom,LJvqSzrfF
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmyb32.rom,mUxamwBlPTdf
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sdagakoy=rundll32.exe "[%WINDOWS%]\igucaguh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuvz32.rom,avczedjkW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuzg32.rom,rGPuqoo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnig32.rom,yjPCSTeoXV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jrotifaquzacu=rundll32.exe "[%LOCAL_APPDATA%]\iqibamis.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ncipafuxuja=rundll32.exe "[%LOCAL_APPDATA%]\P32646.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjki32.rom,ijUyzHCAOKYo
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincuv32.rom,jCAstJbt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nnapabe=rundll32.exe "[%WINDOWS%]\uneliroquqof.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjit32.rom,hETvuUSpWcxt
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Twoseguwivi=rundll32.exe "[%WINDOWS%]\igutariveha.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vzeyogoyineba=rundll32.exe "[%WINDOWS%]\sdhiel.dll",Startup
- HKEY_USERS\S-1-5-21-2562994850-3373523545-1494372711-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vzeyogoyineba=rundll32.exe "[%WINDOWS%]\sdhiel.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,igwaE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgn32.rom,GAylmoLJVJl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winith32.rom,UEDGonySax
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wvtsqpsys=rundll32.exe "qopppm.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cbyyaxsys=rundll32.exe "qopppm.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vttuuvaudio=rundll32.exe "[%PROFILE_TEMP%]\efdaax.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, qonmliaudio=rundll32.exe "[%PROFILE_TEMP%]\ursqol.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kheccasys=rundll32.exe "qopppm.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kheccasys=rundll32.exe "qopppm.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapr32.rom,MqQOvqQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUEF.exe=[%WINDOWS%]\SUEF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnez32.rom,iVZbWVbm
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbrv32.rom,zSiscGLl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingnr32.rom,PWXAdc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlku32.rom,LCReCVmUcY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\wvUkJcYQ.dll,#1
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbed32.rom,WwJWWTkpHXr
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pxufus=rundll32.exe "[%WINDOWS%]\egozuxahowiloji.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwuq32.rom,gdnAIZvfk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ujuzed=rundll32.exe "[%LOCAL_APPDATA%]\okodiwoni.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,yQhkiaRr
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kubuvijulu=Rundll32.exe "[%SYSTEM%]\titewiko.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqdd32.rom,MsBBffrqIZnr
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windly32.rom,afjzXkR
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUE11.exe=[%WINDOWS%]\SUE11.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUE10.exe=[%WINDOWS%]\SUE10.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUEF.exe=[%WINDOWS%]\SUEF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUEE.exe=[%WINDOWS%]\SUEE.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUED.exe=[%WINDOWS%]\SUED.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUE11.exe=[%WINDOWS%]\SUE11.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUE10.exe=[%WINDOWS%]\SUE10.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUEE.exe=[%WINDOWS%]\SUEE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \SUED.exe=[%WINDOWS%]\SUED.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwuq32.rom,dNuSzeM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkxs32.rom,IOMLLYBebY
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingau32.rom,fEBNxZMlD
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winojm32.rom,gtToTdCzHXVI
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuji32.rom,ttYxQJhypU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winack32.rom,ZtVTHyMEd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoej32.rom,bjGZusuDSorP
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, Ukodomu=rundll32.exe "[%WINDOWS%]\urixomodor.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbab32.rom,GvEQoIgoio
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoej32.rom,oXkTJVYqUdV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvsh32.rom,dyPrtHSiWMKk
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlku32.rom,ssklBcLjCOH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnxv32.rom,GaHrVMoLPtYH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapr32.rom,wZvlXWIFa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfcb32.rom,KTfGUVnOSZZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxhs32.rom,XYFAqESVRjzQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfi32.rom,wETvOEHPmh
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winiym32.rom,lWOWYqVGK
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lakudemusa=Rundll32.exe "[%SYSTEM%]\fivajubu.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lakudemusa=Rundll32.exe "[%SYSTEM%]\fivajubu.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrtt32.rom,lcibJKdV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winplk32.rom,VDjDjpv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winscb32.rom,XMysckWUDFU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tqifakidalosa=rundll32.exe "[%WINDOWS%]\uECpng.dll",Startup
- HKEY_USERS\S-1-5-21-842925246-507921405-1417001333-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Tqifakidalosa=rundll32.exe "[%WINDOWS%]\uECpng.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winruq32.rom,NXepEw
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrdz32.rom,gpyPYOU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winajk32.rom,cItRVLAiQJl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winghk32.rom,XYyBAKwczJSA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winopy32.rom,DMrtwR
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbyq32.rom,WAsQknV
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Whonoweturetoz=rundll32.exe "[%WINDOWS%]\uxigitulobomag.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,aYmvOpJyI
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Gmupohavo=rundll32.exe "[%WINDOWS%]\iyobasebiweyif.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoma32.rom,BNqUpDsBRP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpqf32.rom,rIXUIATz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpbm32.rom,lgMLyLOLv
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rmoxoyamuk=rundll32.exe "[%LOCAL_APPDATA%]\ozosexas.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhlt32.rom,mWHPXlvaov
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fazeyanid=Rundll32.exe "[%SYSTEM%]\vagivoho.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fafa9d95-c0d4-4caf-98c0-ba4ba97af140}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nozapewih={fafa9d95-c0d4-4caf-98c0-ba4ba97af140}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winaru32.rom,pVaqiIa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincui32.rom,KWJsDa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhdk32.rom,nNOaHWTSUap
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ppobi=rundll32.exe "[%WINDOWS%]\uharupoh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winajk32.rom,lCJutDdcOucQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhsx32.rom,zQmPWov
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winaia32.rom,vHfhAwoocE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fpajibotaxar=rundll32.exe "[%WINDOWS%]\ixijevoh.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS="rundll32.exe" winokv32.rom,uYdIDyisW
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnez32.rom,oOPTxhRn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrj32.rom,IvKgTjihbS
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingnr32.rom,KVBdaKEAcppF
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {37e10337-6a37-45bb-bb1a-146c7d2a6e73}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winoma32.rom,OKOOshfiYrjV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpfi32.rom,dOBVtBKiETQe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ckegejohehucuc=rundll32.exe "[%WINDOWS%]\afohoducexuc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincir32.rom,iTIptymSa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintuc32.rom,loNhnltUan
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpbm32.rom,cppqRa
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqnj32.rom,pENBgpFx
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winees32.rom,sxyWGwmZpX
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jboxuha=rundll32.exe "[%WINDOWS%]\uwiyuboz.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windho32.rom,mTwmID
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winphd32.rom,WgDezzFss
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlmj32.rom,JlxDcfelX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winruq32.rom,wrXDPLBYt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,xeUpuhksb
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnnv32.rom,hxRwHOLnxn
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM9f8e7110=Rundll32.exe "[%SYSTEM%]\casrleig.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Eveme=rundll32.exe "[%LOCAL_APPDATA%]\anuxefenoy.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bhecipuluk=rundll32.exe "[%LOCAL_APPDATA%]\KBDNl32.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuiw32.rom,Qfocxk
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, monudihori=Rundll32.exe "[%SYSTEM%]\rudadiza.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, monudihori=Rundll32.exe "[%SYSTEM%]\rudadiza.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,MYGIgn
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winajk32.rom,kvnfrB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzje32.rom,eWfIGBSeYrq
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyoc32.rom,RQWntzPc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineez32.rom,JxtJthmtV
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winulo32.rom,SCyRtuQVJzsl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyxe32.rom,uJZZYt
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvib32.rom,vrJxWNCO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdj32.rom,IMhkYGx
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjrj32.rom,eMHIIbqLfNSz
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqnj32.rom,CSpGXtqp
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pfepacosaqom=rundll32.exe "[%WINDOWS%]\uqikitenimiq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpcw32.rom,IORbLEhXN
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nnonklaudio=rundll32.exe "[%PROFILE_TEMP%]\tustro.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, efcabbsys=rundll32.exe "[%PROFILE_TEMP%]\opqopq.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mlkhfeaudio=rundll32.exe "[%PROFILE_TEMP%]\vttusp.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winapr32.rom,GMqGyeUYhyl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winqrq32.rom,DRvAcDri
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlwm32.rom,EejpWGaf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmty32.rom,GOGEyiMJkeM
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlta32.rom,nxswBFLaci
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vnudorukemomopu=rundll32.exe "[%LOCAL_APPDATA%]\imazekud.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Vnudorukemomopu=rundll32.exe "[%LOCAL_APPDATA%]\imazekud.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wineoy32.rom,nPSzWH
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrjr32.rom,xceRFfVwO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincuv32.rom,bZXImrECMZs
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe windzt32.rom,vTUYJrhDEGsP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winbfc32.rom,jBblJiPdDqC
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrtt32.rom,lkbcmlE
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwrv32.rom,uycwbLJKK
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%SYSTEM%]\ljjhIxXN.dll,#1
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 1f096844=rundll32.exe "[%SYSTEM%]\dxqafkxq.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BM1c3a5bd8=Rundll32.exe "[%SYSTEM%]\urklxpdp.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzhp32.rom,NbbRiwGJoj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winuji32.rom,NLPzqjl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmyb32.rom,GENfixfOhYcT
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winytj32.rom,ItMJwDFZYEgB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrys32.rom,IgCAFaCBqzhf
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wincmm32.rom,botxvPHQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Rracigokidonotud=rundll32.exe "[%LOCAL_APPDATA%]\epojeruq.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winllf32.rom,iqwZoma
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfqj32.rom,otvDpZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winioa32.rom,mLuAHLX
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,sXRqAszdRL
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwsf32.rom,ALADeCSwVO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,ZZJgRFMUol
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fzawasodefak=rundll32.exe "[%LOCAL_APPDATA%]\abuyucuc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfoza=rundll32.exe "[%WINDOWS%]\wsdtuie.dll",Startup
- HKEY_USERS\S-1-5-21-2287921614-2037572747-741007621-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Kfoza=rundll32.exe "[%WINDOWS%]\wsdtuie.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winugx32.rom,kCLPHBTAaq
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpgg32.rom,IsEbFl
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyms32.rom,EZFAMulre
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winxmn32.rom,dHnDoGoJDKIU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjes32.rom,SRjWnJx
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winnsy32.rom,RlOvRLP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintfb32.rom,CaTtcNAPTh
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvna32.rom,PqtpzP
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmyb32.rom,zigfjuc
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winsgz32.rom,ETQtaHTZ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by UltimateTroubleshooter), 1c16ebac=rundll32.exe "[%SYSTEM%]\domeroha.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by UltimateTroubleshooter), nudanifuji=Rundll32.exe "[%SYSTEM%]\jubetufa.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nudanifuji=Rundll32.exe "[%SYSTEM%]\jubetufa.dll",s
- HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nudanifuji=Rundll32.exe "[%SYSTEM%]\loseteni.dll",s
- HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nudanifuji=Rundll32.exe "[%SYSTEM%]\loseteni.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nudanifuji=Rundll32.exe "[%SYSTEM%]\jubetufa.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winwsf32.rom,trdkagM
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {166bcb27-fcfd-4588-9bdb-44fc6a02ef35}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {0cf5d165-517e-48b6-b3c7-3054a24f8bf6}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wingkc32.rom,aDxuzc
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pzeligusu=rundll32.exe "[%WINDOWS%]\emaxifokelodasod.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bqamogomusi=rundll32.exe "[%WINDOWS%]\qdiacs.dll",Startup
- HKEY_USERS\S-1-5-21-3985213299-499050416-296140448-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bqamogomusi=rundll32.exe "[%WINDOWS%]\qdiacs.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winvfe32.rom,MvChDQb
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmws32.rom,pZtHENHKnewi
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, khijkidrv=rundll32.exe "ddbaaw.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pmlklidrv=rundll32.exe "ddbaaw.dll",s
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gedaawdrv=rundll32.exe "ddbaaw.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gedaawdrv=rundll32.exe "ddbaaw.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winopc32.rom,OvxWRCZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winfnw32.rom,WGuozMzgB
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winlta32.rom,CEpReXfnXjA
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winyrz32.rom,VJNrRorRd
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintuc32.rom,IGTefsON
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhcj32.rom,pfWGOQxO
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Xruwagijobake=rundll32.exe "[%LOCAL_APPDATA%]\blsxip.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winmjs32.rom,ujaIGGigbqQj
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkhn32.rom,rSarEFcYzbJi
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winkcz32.rom,lUawTQ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSServer=rundll32.exe [%PROFILE_TEMP%]\hgGvtSjI.dll,#1
Scan your system registry for FREE
CURIOLAB S.M.B.A., Amagertorv 15, 2, 1160 Copenhagen K, Denmark, +45.36965533