Top 10 virus alerts
Latest 10 malware files
Testimonials
You guys are freakin' awesome, love the program, love the personalized service, and my pc loves it too :D
Justin S.
Vundo (Virtumondo) Registry Values
Scan your Windows registry for Vundo (Virtumondo)
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1bb2fd70-8030-4dc9-8006-37153649c485}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, puyotodes={1bb2fd70-8030-4dc9-8006-37153649c485}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\gikosiha\gikosiha.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Sgapenoyiv=rundll32.exe "[%WINDOWS%]\eyekanugazixo.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vkqzej=RUNDLL32.EXE [%WINDOWS%]\TEMP\msjuehus.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sofozetoz=Rundll32.exe "[%SYSTEM%]\yifiroso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {19c60c1c-639f-413e-8d4c-a2304bbe9600}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yesimomad={19c60c1c-639f-413e-8d4c-a2304bbe9600}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Cziriqiyon=rundll32.exe "[%WINDOWS%]\udazitoh.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Hjoyerewehapa=rundll32.exe "[%WINDOWS%]\oxemuyix.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vipopimija=Rundll32.exe "[%COMMON_APPDATA%]\matizava\matizava.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vogevagup=Rundll32.exe "[%SYSTEM%]\neduwozi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fbdc237d-5462-44a9-8a03-0bb0977fae3d}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vogibetid={fbdc237d-5462-44a9-8a03-0bb0977fae3d}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olububitu=rundll32.exe "[%WINDOWS%]\efoyiniy.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gowufowij=Rundll32.exe "[%SYSTEM%]\wukanipo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4387d621-3427-4f0d-9ae4-c87fd3e022de}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fivohifeg={4387d621-3427-4f0d-9ae4-c87fd3e022de}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, butarogad=Rundll32.exe "[%SYSTEM%]\wutupile.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ae29f360-56bc-4363-8aac-3d06d0e9cf92}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hehajoroj={ae29f360-56bc-4363-8aac-3d06d0e9cf92}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a5f1f916-d70d-44f0-ad94-d374957c4dd8}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fosobimas={a5f1f916-d70d-44f0-ad94-d374957c4dd8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c1094ce3-3726-480a-9f8b-4d8522ca72fa}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yajifetef={c1094ce3-3726-480a-9f8b-4d8522ca72fa}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {85ab8adb-0757-4ac8-9d06-816713df10e1}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pupapinop={85ab8adb-0757-4ac8-9d06-816713df10e1}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {eb662af6-d484-4aa7-9b19-d51e02f44ebd}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lobevibul={eb662af6-d484-4aa7-9b19-d51e02f44ebd}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, butarogad=Rundll32.exe "[%SYSTEM%]\gukuyesa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9740f4c6-3cde-4ad8-a579-aa6df2b0e5a4}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, makikokoj={9740f4c6-3cde-4ad8-a579-aa6df2b0e5a4}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCE75.exe=[%SYSTEM%]\YURCE75.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDD63.exe=[%SYSTEM%]\YURDD63.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD42F.exe=[%SYSTEM%]\YURD42F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDDDF.exe=[%SYSTEM%]\YURDDDF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1402.exe=[%SYSTEM%]\YUR1402.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFD47.exe=[%SYSTEM%]\YURFD47.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE0D2.exe=[%SYSTEM%]\YURE0D2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR90A2.exe=[%SYSTEM%]\YUR90A2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4571.exe=[%SYSTEM%]\YUR4571.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E3E.exe=[%SYSTEM%]\YUR4E3E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6977.exe=[%SYSTEM%]\YUR6977.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAA3A.exe=[%SYSTEM%]\YURAA3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR282C.exe=[%SYSTEM%]\YUR282C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR60A6.exe=[%SYSTEM%]\YUR60A6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD545.exe=[%SYSTEM%]\YURD545.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB8AE.exe=[%SYSTEM%]\YURB8AE.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2DE9.exe=[%SYSTEM%]\YUR2DE9.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB34A.exe=[%SYSTEM%]\YURB34A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8240.exe=[%SYSTEM%]\YUR8240.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFB52.exe=[%SYSTEM%]\YURFB52.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR59F1.exe=[%SYSTEM%]\YUR59F1.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR24AF.exe=[%SYSTEM%]\YUR24AF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBFA6.exe=[%SYSTEM%]\YURBFA6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAF03.exe=[%SYSTEM%]\YURAF03.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B7A.exe=[%SYSTEM%]\YUR2B7A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1F0C.exe=[%SYSTEM%]\YUR1F0C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5E.exe=[%SYSTEM%]\YURB5E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3AED.exe=[%SYSTEM%]\YUR3AED.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD44E.exe=[%SYSTEM%]\YURD44E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA50.exe=[%SYSTEM%]\YURCA50.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD097.exe=[%SYSTEM%]\YURD097.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC57F.exe=[%SYSTEM%]\YURC57F.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3DFC.exe=[%SYSTEM%]\YUR3DFC.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD384.exe=[%SYSTEM%]\YURD384.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCCDF.exe=[%SYSTEM%]\YURCCDF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC976.exe=[%SYSTEM%]\YURC976.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7E91.exe=[%SYSTEM%]\YUR7E91.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC6E.exe=[%SYSTEM%]\YURC6E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8246.exe=[%SYSTEM%]\YUR8246.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7F24.exe=[%SYSTEM%]\YUR7F24.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE10.exe=[%SYSTEM%]\YURFE10.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR51B7.exe=[%SYSTEM%]\YUR51B7.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15C8.exe=[%SYSTEM%]\YUR15C8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR92EF.exe=[%SYSTEM%]\YUR92EF.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA12B.exe=[%SYSTEM%]\YURA12B.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR266D.exe=[%SYSTEM%]\YUR266D.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA54.exe=[%SYSTEM%]\YURCA54.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4FA6.exe=[%SYSTEM%]\YUR4FA6.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4E8.exe=[%SYSTEM%]\YURD4E8.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5A3A.exe=[%SYSTEM%]\YUR5A3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDF7C.exe=[%SYSTEM%]\YURDF7C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR64CD.exe=[%SYSTEM%]\YUR64CD.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6F42.exe=[%SYSTEM%]\YUR6F42.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR284E.exe=[%SYSTEM%]\YUR284E.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAC68.exe=[%SYSTEM%]\YURAC68.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBB43.exe=[%SYSTEM%]\YURBB43.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBF3A.exe=[%SYSTEM%]\YURBF3A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR79B2.exe=[%SYSTEM%]\YUR79B2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDDDF.exe=[%SYSTEM%]\YURDDDF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1402.exe=[%SYSTEM%]\YUR1402.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFD47.exe=[%SYSTEM%]\YURFD47.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE0D2.exe=[%SYSTEM%]\YURE0D2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR90A2.exe=[%SYSTEM%]\YUR90A2.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4571.exe=[%SYSTEM%]\YUR4571.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4E3E.exe=[%SYSTEM%]\YUR4E3E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6977.exe=[%SYSTEM%]\YUR6977.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAA3A.exe=[%SYSTEM%]\YURAA3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR282C.exe=[%SYSTEM%]\YUR282C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR60A6.exe=[%SYSTEM%]\YUR60A6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD545.exe=[%SYSTEM%]\YURD545.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB8AE.exe=[%SYSTEM%]\YURB8AE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2DE9.exe=[%SYSTEM%]\YUR2DE9.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB34A.exe=[%SYSTEM%]\YURB34A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8240.exe=[%SYSTEM%]\YUR8240.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFB52.exe=[%SYSTEM%]\YURFB52.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR59F1.exe=[%SYSTEM%]\YUR59F1.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR24AF.exe=[%SYSTEM%]\YUR24AF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B7A.exe=[%SYSTEM%]\YUR2B7A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1F0C.exe=[%SYSTEM%]\YUR1F0C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB5E.exe=[%SYSTEM%]\YURB5E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC57F.exe=[%SYSTEM%]\YURC57F.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR3DFC.exe=[%SYSTEM%]\YUR3DFC.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCCDF.exe=[%SYSTEM%]\YURCCDF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURC976.exe=[%SYSTEM%]\YURC976.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8246.exe=[%SYSTEM%]\YUR8246.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR7F24.exe=[%SYSTEM%]\YUR7F24.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFE10.exe=[%SYSTEM%]\YURFE10.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR51B7.exe=[%SYSTEM%]\YUR51B7.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR15C8.exe=[%SYSTEM%]\YUR15C8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR92EF.exe=[%SYSTEM%]\YUR92EF.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA12B.exe=[%SYSTEM%]\YURA12B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR266D.exe=[%SYSTEM%]\YUR266D.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURCA54.exe=[%SYSTEM%]\YURCA54.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR4FA6.exe=[%SYSTEM%]\YUR4FA6.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURD4E8.exe=[%SYSTEM%]\YURD4E8.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR5A3A.exe=[%SYSTEM%]\YUR5A3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURDF7C.exe=[%SYSTEM%]\YURDF7C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR64CD.exe=[%SYSTEM%]\YUR64CD.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR6F42.exe=[%SYSTEM%]\YUR6F42.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR284E.exe=[%SYSTEM%]\YUR284E.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURAC68.exe=[%SYSTEM%]\YURAC68.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBB43.exe=[%SYSTEM%]\YURBB43.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURE794.exe=[%SYSTEM%]\YURE794.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURFABE.exe=[%SYSTEM%]\YURFABE.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8000.exe=[%SYSTEM%]\YUR8000.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR542.exe=[%SYSTEM%]\YUR542.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR8A75.exe=[%SYSTEM%]\YUR8A75.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2133.exe=[%SYSTEM%]\YUR2133.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURA666.exe=[%SYSTEM%]\YURA666.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR2B98.exe=[%SYSTEM%]\YUR2B98.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURB3E3.exe=[%SYSTEM%]\YURB3E3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YURBF3A.exe=[%SYSTEM%]\YURBF3A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR79B2.exe=[%SYSTEM%]\YUR79B2.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnawo=rundll32.exe "[%WINDOWS%]\afabivepasuyax.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {DC192567-65F9-4AB6-ADB7-E13575F81726}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, BMfb37e6c1=Rundll32.exe "[%SYSTEM%]\njfigvkd.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yiyarobuwa=Rundll32.exe "[%SYSTEM%]\votojoye.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mopanoboy=Rundll32.exe "[%SYSTEM%]\pebudeba.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {aea5f5a6-9e94-4144-a0a2-241954838f08}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, geramobil={aea5f5a6-9e94-4144-a0a2-241954838f08}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zovafiyuf=Rundll32.exe "[%SYSTEM%]\zukepive.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {fc808754-fc32-4c14-8e4a-873f3f34137c}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rogeyamid={fc808754-fc32-4c14-8e4a-873f3f34137c}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {2eadd8bd-1e3e-4841-bde5-70e274cd2eb4}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hagebimis={2eadd8bd-1e3e-4841-bde5-70e274cd2eb4}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f1dc1171-b033-4ef3-8474-a7b6eea169a6}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tinetazol={f1dc1171-b033-4ef3-8474-a7b6eea169a6}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1672f7bc-e404-44fe-81ba-e5ff2f661ea0}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, ditowoyij={1672f7bc-e404-44fe-81ba-e5ff2f661ea0}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, laneliwah=Rundll32.exe "[%SYSTEM%]\yerehute.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Yjiceq=rundll32.exe "[%WINDOWS%]\ocajehuco.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kamupojum=Rundll32.exe "[%SYSTEM%]\zobayoha.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c6169af7-3e71-4474-babf-5687dfbd96f6}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gobavivoj={c6169af7-3e71-4474-babf-5687dfbd96f6}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {db9946ab-ed1a-4c07-99db-6366fc21355c}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lumotagib={db9946ab-ed1a-4c07-99db-6366fc21355c}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, merisuyote=Rundll32.exe "nulohonu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sofozetoz=Rundll32.exe "[%SYSTEM%]\bovenage.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0ccb3d79-4c36-4f85-a656-f54ba2b4b0f9}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jehonomus={0ccb3d79-4c36-4f85-a656-f54ba2b4b0f9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ipenaxijumafuxu=rundll32.exe "[%WINDOWS%]\ovababuyu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wiyutapab=Rundll32.exe "[%SYSTEM%]\lodiziye.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, walanufad=Rundll32.exe "[%SYSTEM%]\nufifini.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lomivejehu=Rundll32.exe "todolaze.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yetajegep=Rundll32.exe "[%SYSTEM%]\yiyagefi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7c3ccc75-b549-4a77-8108-401ba23478ad}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vehapotuf={7c3ccc75-b549-4a77-8108-401ba23478ad}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gowufowij=Rundll32.exe "[%SYSTEM%]\ravufuge.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {cbe667dc-9397-4e4c-bfa6-3c2107520461}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, podebunud={cbe667dc-9397-4e4c-bfa6-3c2107520461}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d51a0e4b-891b-4b12-a1d5-cd92d637583e}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fasafudog={d51a0e4b-891b-4b12-a1d5-cd92d637583e}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gowufowij=Rundll32.exe "[%SYSTEM%]\huwifibe.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e9256318-31ab-4c14-b6ed-effb58377a31}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, popihumuy={e9256318-31ab-4c14-b6ed-effb58377a31}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fjosohuv=rundll32.exe "[%WINDOWS%]\ikiyiyimevoco.dll",Startup
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00F80F124.exe=[%PROFILE_TEMP%]\_A00F80F124.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FE7C93.exe=[%PROFILE_TEMP%]\_A00FE7C93.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dumivasoz=Rundll32.exe "[%SYSTEM%]\yunukino.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {872154b1-11d1-4167-b707-a2c5611b3ad8}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, birayamib={872154b1-11d1-4167-b707-a2c5611b3ad8}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 74caf84a=rundll32.exe "[%SYSTEM%]\vedilune.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM77f9cbd6=Rundll32.exe "[%SYSTEM%]\yugovuji.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tobikigabe=Rundll32.exe "[%SYSTEM%]\renazuvi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tzzsmt=RUNDLL32.EXE [%SYSTEM%]\msgxkyxg.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zusimoziy=Rundll32.exe "[%SYSTEM%]\bakovoti.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 0cbaf6e3=rundll32.exe "[%SYSTEM%]\dghfxsvy.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ymezikapawo=rundll32.exe "[%WINDOWS%]\itajejifigo.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pvorobecebepa=rundll32.exe "[%WINDOWS%]\Lporetakobilob.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f64959b8-1a3e-4dcd-8ff0-9a94ddb3d6f7}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by Starter), 20e885ea=rundll32.exe "[%SYSTEM%]\rujolxqs.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run (Disabled by Starter), BM23dbb676=Rundll32.exe "[%SYSTEM%]\dsfwmshm.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\gihujasu\gihujasu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMcf1b5b02=Rundll32.exe "[%SYSTEM%]\bulopazo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cc28689e=rundll32.exe "[%SYSTEM%]\duweweba.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, heyavubabo=Rundll32.exe "[%SYSTEM%]\dozepiwa.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mopanoboy=Rundll32.exe "[%SYSTEM%]\kalerazo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e5a82f38-4813-47eb-b054-4c7c7fb87aae}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, robivabin={e5a82f38-4813-47eb-b054-4c7c7fb87aae}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nubuhowik=Rundll32.exe "[%SYSTEM%]\kehitulo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0d72385e-7e89-4789-bdfd-9f3cc776a545}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lotirofef={0d72385e-7e89-4789-bdfd-9f3cc776a545}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hituvivur=Rundll32.exe "[%SYSTEM%]\zuziberi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f30fa0cd-02d6-44ef-8149-1b7365a8b8e3}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pivuwanib={f30fa0cd-02d6-44ef-8149-1b7365a8b8e3}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrtt32.rom,vAmXjLAcsgvU
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sirikimow=Rundll32.exe "[%SYSTEM%]\vozutiso.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e89394ce-55a2-4453-a4be-5d021d25ffda}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, beziyewoy={e89394ce-55a2-4453-a4be-5d021d25ffda}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Uhejufoqi=rundll32.exe "[%WINDOWS%]\exuhabucuyajas.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kamupojum=Rundll32.exe "[%SYSTEM%]\viwuzule.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {559a7410-fb2c-4f47-a82a-db3974242921}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vomehotep={559a7410-fb2c-4f47-a82a-db3974242921}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fduguhoxajedecod=rundll32.exe "[%WINDOWS%]\eceyazadahigu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pedokajiv=Rundll32.exe "[%SYSTEM%]\letaduwa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mvibaxeqe=rundll32.exe "[%WINDOWS%]\ilusocacezafiteq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunAdvanced Uninstaller, kirikiwet=Rundll32.exe "[%SYSTEM%]\jojubasa.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kirikiwet=Rundll32.exe "[%SYSTEM%]\nuyajuku.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {131c63c0-5c8b-43a9-ad44-1a31d9a9d6fb}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, davupeles={131c63c0-5c8b-43a9-ad44-1a31d9a9d6fb}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18B.exe=[%SYSTEM%]\YUR18B.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18B.exe=[%SYSTEM%]\YUR18B.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18C.exe=[%SYSTEM%]\YUR18C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18C.exe=[%SYSTEM%]\YUR18C.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1A3.exe=[%SYSTEM%]\YUR1A3.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR1A3.exe=[%SYSTEM%]\YUR1A3.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18A.exe=[%SYSTEM%]\YUR18A.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR189.exe=[%SYSTEM%]\YUR189.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR18A.exe=[%SYSTEM%]\YUR18A.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, \YUR189.exe=[%SYSTEM%]\YUR189.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {dd153fdb-e2fb-40d2-8e36-f21c36b51dad}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {78ba8b42-aaa3-46af-90af-7f395a40c6e4}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cdrzli=RUNDLL32.EXE [%SYSTEM%]\msptfpxi.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rofimakup=Rundll32.exe "[%SYSTEM%]\nonabefa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {067caf66-1e8e-4afe-95c7-32332eba086c}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, sibegaruj={067caf66-1e8e-4afe-95c7-32332eba086c}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wihinubuj=Rundll32.exe "[%SYSTEM%]\vozigoji.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {960f4540-447a-4ec3-93e9-c4cb5a52e63c}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wominavoz={960f4540-447a-4ec3-93e9-c4cb5a52e63c}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qbebicapaqek=rundll32.exe "[%WINDOWS%]\oliwogepukogibux.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tosibodep=Rundll32.exe "[%SYSTEM%]\gikuzese.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ytovecag=rundll32.exe "[%WINDOWS%]\osiqudolemahedi.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mokotepad=Rundll32.exe "[%SYSTEM%]\tugekevo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5ada137c-6427-4666-8e6f-1501e479d7a8}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fajajiduk={5ada137c-6427-4666-8e6f-1501e479d7a8}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, diganubog=Rundll32.exe "[%SYSTEM%]\rumikegu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ab4864ad-c005-45d1-a1f4-979e16b7cf8a}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, heketetaz={ab4864ad-c005-45d1-a1f4-979e16b7cf8a}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrzy32.rom,QVtBeS
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hisorirat=Rundll32.exe "[%SYSTEM%]\zeginizo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {972b18fa-2689-4381-83fe-0f5b17e5b4aa}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dugubasew={972b18fa-2689-4381-83fe-0f5b17e5b4aa}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dumivasoz=Rundll32.exe "[%SYSTEM%]\nadusifa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {642de448-59b0-4464-9bf0-4a08705197ce}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, foduwotuy={642de448-59b0-4464-9bf0-4a08705197ce}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yebefevaf=Rundll32.exe "[%SYSTEM%]\subirahu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zuzilajen=Rundll32.exe "[%SYSTEM%]\golayahu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {dffb3342-d88d-480b-aec0-75c683aeac24}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lutulisat={dffb3342-d88d-480b-aec0-75c683aeac24}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, masasovif=Rundll32.exe "[%SYSTEM%]\fefirifu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, duyosepayu=Rundll32.exe "wukahuro.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, duyosepayu=Rundll32.exe "wukahuro.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c8783a17-226c-4bf2-ae0e-8b487e21f09a}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bejesagen={c8783a17-226c-4bf2-ae0e-8b487e21f09a}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, jelitagov=Rundll32.exe "[%SYSTEM%]\subapade.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tugegalibo=Rundll32.exe "jobagiyu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, larariven=Rundll32.exe "[%SYSTEM%]\niyihese.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yazunabod=Rundll32.exe "[%SYSTEM%]\konowahu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yusasehab=Rundll32.exe "[%SYSTEM%]\zubufoba.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {63396dd5-a6db-4b52-b388-4103e56917a3}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, juyizirek={63396dd5-a6db-4b52-b388-4103e56917a3}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tikawitog=Rundll32.exe "[%SYSTEM%]\rusavili.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5ff554e7-45dd-49df-981c-fa72cdc6e298}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dapuliluh={5ff554e7-45dd-49df-981c-fa72cdc6e298}
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run, A00FF93C.exe=[%PROFILE_TEMP%]\_A00FF93C.exe
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, __c004C470=rundll32.exe "[%PROFILE_TEMP%]\__c004C470.dat",B
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pavititava=Rundll32.exe "fakuzawe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sofozetoz=Rundll32.exe "[%SYSTEM%]\zakawuli.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM59330064=Rundll32.exe "[%COMMON_APPDATA%]\rahuguzi\rahuguzi.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, satomepumo=Rundll32.exe "[%COMMON_APPDATA%]\titeyota\titeyota.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Fpeve=rundll32.exe "[%WINDOWS%]\eyazuzeq.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, nubuhowik=Rundll32.exe "[%SYSTEM%]\nezusena.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Etufo=rundll32.exe "[%WINDOWS%]\Qciduxegeqeluwen.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hizupujino=Rundll32.exe "foyuroke.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {476ad59e-c6b1-4e59-8d0c-3179748345e5}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, gifoborit={476ad59e-c6b1-4e59-8d0c-3179748345e5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, venugurah=Rundll32.exe "[%SYSTEM%]\zubadira.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rilavozem=Rundll32.exe "[%SYSTEM%]\vavanoho.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d291cdd0-d66d-4d04-85bf-be362bc72525}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wagugadoy={d291cdd0-d66d-4d04-85bf-be362bc72525}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yumobahewo=Rundll32.exe "tavigowe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gekuredew=Rundll32.exe "[%SYSTEM%]\yirunonu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wceyijamehiga=rundll32.exe "[%WINDOWS%]\udefoqiw.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yezejivis=Rundll32.exe "[%SYSTEM%]\nolevodo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {43ac3004-0420-4440-84cf-c83e7bab9078}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lopamelap={43ac3004-0420-4440-84cf-c83e7bab9078}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tuhejetav=Rundll32.exe "[%SYSTEM%]\japidahu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {f406bba8-6660-45d1-be34-623f1b5d4da3}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fubesiniy={f406bba8-6660-45d1-be34-623f1b5d4da3}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {53fe12c2-4429-488f-847b-7b285f8f6778}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {99972d1b-964e-49ec-92f4-1eb39f4810a5}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Nlae="[%PERSONAL%]\SKS~1\userinit.exe" -vt yazb
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ewaremiz=rundll32.exe "[%WINDOWS%]\oxeciquci.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, masasovif=Rundll32.exe "[%SYSTEM%]\kufoluru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {2d714b64-001c-4fbe-8514-3d26edc9059c}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jikefadil={2d714b64-001c-4fbe-8514-3d26edc9059c}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kohavosat=Rundll32.exe "[%SYSTEM%]\fivikeka.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {0bc63db7-2ac1-458e-87ba-5dde5dbca8fb}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, vinigebop={0bc63db7-2ac1-458e-87ba-5dde5dbca8fb}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kohavosat=Rundll32.exe "[%SYSTEM%]\gigivada.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {3e3c32e4-479d-4bbd-9549-8624396c4e2b}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wisamajom={3e3c32e4-479d-4bbd-9549-8624396c4e2b}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, funeguley=Rundll32.exe "[%SYSTEM%]\saleluwo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {15335dfa-f542-4e13-8972-6c8088d6d2b9}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, niridayip={15335dfa-f542-4e13-8972-6c8088d6d2b9}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lebobanik=Rundll32.exe "[%SYSTEM%]\jijawomu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1c525da0-0c12-49ef-985a-ae92d3955954}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fosumevuj={1c525da0-0c12-49ef-985a-ae92d3955954}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vosojevep=Rundll32.exe "[%SYSTEM%]\wenijalu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a8315074-d616-4d05-9c05-56e25c94944c}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nidugumav={a8315074-d616-4d05-9c05-56e25c94944c}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, bisikisow=Rundll32.exe "[%SYSTEM%]\ruwiraje.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, damalotom=Rundll32.exe "[%SYSTEM%]\lugesate.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ec8ea5e1-ab4f-4a14-b7de-427917a523fe}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, lotovurul={ec8ea5e1-ab4f-4a14-b7de-427917a523fe}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpdc32.rom,pnQFwTbZ
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ladojoyab=Rundll32.exe "[%SYSTEM%]\retaviye.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {84989cbc-d92a-4698-84e0-72cb1e2c84b3}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fikevasat={84989cbc-d92a-4698-84e0-72cb1e2c84b3}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lebobanik=Rundll32.exe "[%SYSTEM%]\deranodu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ddc79f67-77c1-4890-a02a-8b5325483688}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fiforurep={ddc79f67-77c1-4890-a02a-8b5325483688}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, subugevem=Rundll32.exe "[%SYSTEM%]\kutinofa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {6d389d7f-b603-4fca-a7c3-c69c6c3ffdcc}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nakinetar={6d389d7f-b603-4fca-a7c3-c69c6c3ffdcc}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yevosahat=Rundll32.exe "[%SYSTEM%]\liluyazo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, filoribapa=Rundll32.exe "tuvumuge.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {a3e9d4f4-48a8-4acb-9caf-87062b833aac}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zulahewem={a3e9d4f4-48a8-4acb-9caf-87062b833aac}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8298d98f-7b9d-4dfc-9ad8-f622cf4b705d}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yihudetek={8298d98f-7b9d-4dfc-9ad8-f622cf4b705d}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9865387d-b6b7-48f1-bc03-7b116230c88a}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, kuyanajop={9865387d-b6b7-48f1-bc03-7b116230c88a}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {23b3a649-e562-41c0-a911-57afc3843f84}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nerehobur={23b3a649-e562-41c0-a911-57afc3843f84}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hapoyewaj=Rundll32.exe "[%SYSTEM%]\dajifuji.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zulogagad=Rundll32.exe "[%SYSTEM%]\nipedehu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8f580e51-4412-4a0b-b776-1e8829dbcd5f}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, wivoyugab={8f580e51-4412-4a0b-b776-1e8829dbcd5f}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zuzilajen=Rundll32.exe "[%SYSTEM%]\juneteyo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1765ea0d-da5b-4a97-b099-94dc678301c3}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fasotapon={1765ea0d-da5b-4a97-b099-94dc678301c3}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wuvekipub=Rundll32.exe "[%SYSTEM%]\seduvumo.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wuvekipub=Rundll32.exe "[%SYSTEM%]\seduvumo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wihinubuj=Rundll32.exe "[%SYSTEM%]\pewafahu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9c467e52-c15a-41df-9376-adc6d6a7bd2b}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, hofigopey={9c467e52-c15a-41df-9376-adc6d6a7bd2b}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, gosuvuyak=Rundll32.exe "[%SYSTEM%]\sapawoma.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, boyunirodi=Rundll32.exe "gojowahu.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {9881cc9c-ed0d-4323-b461-a09e4b99dda5}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, milevufom={9881cc9c-ed0d-4323-b461-a09e4b99dda5}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zevuwenur=Rundll32.exe "[%SYSTEM%]\kihipapo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {003fdc95-a24d-4a5a-bef8-265fbff12a32}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fozesifup={003fdc95-a24d-4a5a-bef8-265fbff12a32}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pakonewih=Rundll32.exe "[%SYSTEM%]\sotuwino.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1f585a2e-2822-45dd-98e8-b8ccc9bdc251}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yenomomal={1f585a2e-2822-45dd-98e8-b8ccc9bdc251}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Bnawo=rundll32.exe "[%WINDOWS%]\ojiyegan.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzws32.rom,yKvuuvaqBcM
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hisorirat=Rundll32.exe "[%SYSTEM%]\dejezibi.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {20da6959-314f-4527-8b4d-70c7425e706d}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, dodomutij={20da6959-314f-4527-8b4d-70c7425e706d}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPMe75a1427=Rundll32.exe "[%SYSTEM%]\johuloze.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, e46927bb=rundll32.exe "[%SYSTEM%]\hilavabi.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, potumumagi=Rundll32.exe "[%SYSTEM%]\zawomebe.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Ctivabafojocetu=rundll32.exe "[%WINDOWS%]\educiqus.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Plaxufo=rundll32.exe "[%WINDOWS%]\ulehaqitejigucin.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {9d0d1fd2-d1a2-40e7-94f3-a9db5e7672ea}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tayujuhef=Rundll32.exe "[%SYSTEM%]\mikanazu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, 04eb2d23=rundll32.exe "[%SYSTEM%]\ehpkybin.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Olububitu=rundll32.exe "[%WINDOWS%]\oruxisigihajile.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, wevehinam=Rundll32.exe "[%SYSTEM%]\yinazeku.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lomivejehu=Rundll32.exe "todolaze.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e892e176-571b-4e0c-9724-9acdf4956f1c}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, papotuwoh={e892e176-571b-4e0c-9724-9acdf4956f1c}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\rilalelu\rilalelu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, c4f69241=rundll32.exe "[%SYSTEM%]\liwoduki.dll",b
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sadurumiso=Rundll32.exe "[%SYSTEM%]\welakeko.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winpij32.rom,oemnRmllchwu
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zulogagad=Rundll32.exe "[%SYSTEM%]\suluyeba.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {665f28e6-1ef7-458d-bd0b-ac7c3151f9ed}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nugofuket={665f28e6-1ef7-458d-bd0b-ac7c3151f9ed}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, zulogagad=Rundll32.exe "[%SYSTEM%]\mewezilu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d216788e-9cc6-4445-8b6c-bfd618f771a1}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, jumemanow={d216788e-9cc6-4445-8b6c-bfd618f771a1}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winddp32.rom,mUirClVUKqd
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mabasepipa=Rundll32.exe "[%SYSTEM%]\bisepufi.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mabasepipa=Rundll32.exe "[%SYSTEM%]\bisepufi.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sapuniyaw=Rundll32.exe "[%SYSTEM%]\wawavara.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5f948be4-217c-4aec-bf0d-32618d3fad23}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fewakarag={5f948be4-217c-4aec-bf0d-32618d3fad23}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, difutimap=Rundll32.exe "[%SYSTEM%]\hojubipa.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {7e5dec38-1bae-47d0-933f-e2febdb7ecb8}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, yiduvupot={7e5dec38-1bae-47d0-933f-e2febdb7ecb8}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {64590b31-a693-43d5-94e1-5eb9accca390}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nebawalov={64590b31-a693-43d5-94e1-5eb9accca390}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {5682d1e9-ee0c-448a-b62a-848a8f471427}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bikimasiy={5682d1e9-ee0c-448a-b62a-848a8f471427}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Wlulu=rundll32.exe "[%WINDOWS%]\abumulig.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {81b426cf-df25-4fbb-b4ac-1011a5bbc9a5}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, sapuniyaw=Rundll32.exe "[%SYSTEM%]\puhafewu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {c4a4965e-f9f8-4999-a71c-36a450e030da}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, harasohow={c4a4965e-f9f8-4999-a71c-36a450e030da}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lonipisev=Rundll32.exe "[%SYSTEM%]\lakutufo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d90e7b4c-833a-4313-a711-3e992f7d5bb6}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bobahalek={d90e7b4c-833a-4313-a711-3e992f7d5bb6}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, yusasehab=Rundll32.exe "[%SYSTEM%]\libetuka.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {8faf303c-3937-42af-a9d5-ba47802c315c}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, bonudoboj={8faf303c-3937-42af-a9d5-ba47802c315c}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,XQwWxdPXfo
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rehomuliz=Rundll32.exe "[%SYSTEM%]\begajetu.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {14a1c087-2877-4a3f-864a-adc649202b1a}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, nadozuvup={14a1c087-2877-4a3f-864a-adc649202b1a}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\buyaneju\buyaneju.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pgucuceja=rundll32.exe "[%WINDOWS%]\ogufureqijoloz.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hmcisw=RUNDLL32.EXE [%WINDOWS%]\TEMP\mskzuecw.dll,w
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, cdrzli=RUNDLL32.EXE [%WINDOWS%]\TEMP\msptfpxi.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jgibiyu=rundll32.exe "[%WINDOWS%]\egoruqapiwesonoc.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, odqlmj=RUNDLL32.EXE [%WINDOWS%]\TEMP\msfplkqs.dll,w
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Odepadazayujupil=rundll32.exe "[%WINDOWS%]\ohucagayusaqitih.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Pcocov=rundll32.exe "[%WINDOWS%]\uzotazet.dll",Startup
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, lapetoniv=Rundll32.exe "[%COMMON_APPDATA%]\fifusuve\fifusuve.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, dezolokisa=Rundll32.exe "[%COMMON_APPDATA%]\beyobusu\beyobusu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, koyenafus=Rundll32.exe "[%SYSTEM%]\yejedotu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f7b0f7b2-1b10-4240-b00b-354f3c04e3f5}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Qtaxatofokeyi=rundll32.exe "[%WINDOWS%]\osozececisuwaqiq.dll",e
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Jverizoki=rundll32.exe "[%WINDOWS%]\azazopesiqa.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kokimewagu=Rundll32.exe "rijavuza.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, tahafanir=Rundll32.exe "[%SYSTEM%]\merilaro.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {04bb5fa3-bd63-4428-a109-2f09e98c2aff}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, rutabufiy={04bb5fa3-bd63-4428-a109-2f09e98c2aff}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winldd32.rom,vAmXjLAcsgvU
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\kofirawa\kofirawa.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winjfr32.rom,QMeVjh
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pagizizar=Rundll32.exe "[%SYSTEM%]\wiliroba.dll",a
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-, MSSMSGS=rundll32.exe winurk32.rom,uvGkcOWlwn
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, rehomuliz=Rundll32.exe "[%SYSTEM%]\zuvararo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {6c3c873c-7ed3-40a5-9ed2-22d0ba17db58}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, fugafumiw={6c3c873c-7ed3-40a5-9ed2-22d0ba17db58}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winrso32.rom,DDyLQZak
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, CPM9b2108ec=Rundll32.exe "[%SYSTEM%]\jayuyugu.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, kisigevey=Rundll32.exe "[%SYSTEM%]\fabokenu.dll",a
- HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hatibariki=Rundll32.exe "[%SYSTEM%]\gajukilu.dll",s
- HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hatibariki=Rundll32.exe "[%SYSTEM%]\gajukilu.dll",s
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fataniyez=Rundll32.exe "[%SYSTEM%]\kimakaru.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {d74e8c9b-1899-416f-b9dc-32ed2b6c535b}=mujuzedij
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, desozimam={d74e8c9b-1899-416f-b9dc-32ed2b6c535b}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, huyamusej=Rundll32.exe "[%SYSTEM%]\fepabavi.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Mqava=rundll32.exe "[%WINDOWS%]\osefuloruzifu.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, mezajeroge=Rundll32.exe "zasulege.dll",s
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, vibibejab=Rundll32.exe "[%COMMON_APPDATA%]\hebebubo\hebebubo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dquxatikun=rundll32.exe "[%WINDOWS%]\onodasodefakorox.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Axuyupo=rundll32.exe "[%WINDOWS%]\oqecifalutihol.dll",Startup
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, hugokebuf=Rundll32.exe "[%SYSTEM%]\fuyisajo.dll",a
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {e3ca95fd-3f4d-4e7b-9a89-fce0e4b92e69}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, zazuvowen={e3ca95fd-3f4d-4e7b-9a89-fce0e4b92e69}
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f7f6584c-864b-411d-a410-bb2de0d33ca1}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {f53bafe5-ce7a-4e95-95ac-a3912efd3739}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {d7fd6c15-4927-4aae-bf12-fbdabd287eb1}=
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks, {3F9D0C61-737D-44D1-BD80-91AF857061CC}=
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe wintvo32.rom,opgcQN
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, odqlmj=RUNDLL32.EXE [%SYSTEM%]\msfplkqs.dll,w
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winzfx32.rom,lINFiCCYZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, pubizetar=Rundll32.exe "[%COMMON_APPDATA%]\firowazo\firowazo.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, walanufad=Rundll32.exe "[%SYSTEM%]\fupikoti.dll",a
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, liyuwuviho=Rundll32.exe "tomipojo.dll",s
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {28df8e7f-ae64-45ba-aeec-a4ab2a9fc0b6}=gahurihor
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, niripuyuy={28df8e7f-ae64-45ba-aeec-a4ab2a9fc0b6}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {1d278bcf-eca2-43a0-9761-9cdc6461f7d7}=jugezatag
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, pozofibos={1d278bcf-eca2-43a0-9761-9cdc6461f7d7}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {09708d7d-58e0-4914-b80e-663a82f0cd57}=kupuhivus
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tudezapit={09708d7d-58e0-4914-b80e-663a82f0cd57}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {4e5d60f5-fb79-4345-833d-3f39efd4b729}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, tayajanuz={4e5d60f5-fb79-4345-833d-3f39efd4b729}
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler, {ca46731c-4618-43d2-a0bb-ee2a4c9f5eea}=tokatiluy
- HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad, banamugey={ca46731c-4618-43d2-a0bb-ee2a4c9f5eea}
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winhmp32.rom,wQUIZlKZ
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, MSSMSGS=rundll32.exe winguc32.rom,vAmXjLAcsgvU
Scan your system registry for FREE
Comments
