VirtuMonde Removal Report

VirtuMonde

By Domesticus in Rogue Anti-Spyware Program | 267 views

Rate it:

(No Ratings Yet)

Loading ...

Translate To:

Português

VirtuMonde Description

Virtumonde (also known under a variety of aliases as Virtu Monde, Virtu-Monde, VirtuMonde Adware, Adware.VirtuMonde, VirtuMonde Spyware, VirtuMonde Virus) is a software application that monitors your browser and keeps track of your browsing habits. VirtuMonde uses this specific information to send targeted advertisements based upon your web-surfing activities directly to your computer. Usually installed as a component of another program, VirtuMonde infects the following systems: Windows 95, Windows 98, Windows 2000, Windows Me, Windows NT, Windows XP and Windows Server 2003. VirtuMonde begins running as soon as your computer starts up, and since it operates in the background, it may often go unnoticed. Assisting this play of stealth is VirtuMonde’s capability of renaming itself during execution.

Type: Adware

How Can You Detect VirtuMonde?

Download SpyHunter’s Detection Scanner
to Detect VirtuMonde.

Can’t install SpyHunter? Click here to view possible causes of installation issues.

VirtuMonde Technical Report

As new VirtuMonde details are reported by our customers and findings from our Threat Research Center, we will update this section.

The following VirtuMonde files with its MD5s were created in the system:

File Name	File Size	MD5

tmpidamd.dll	70208	efaf3e853f800d5897d2cda807c423b3
keycpl.dll	92730	4e2054ae08dced53e3f493afba8212b8
ddcca.dll	243296	a8c3bb2a95e2c0c28b309bf4f0ff66cd
vtsss.dll	298080	57a476f763feb384f5272d441fab4597
dvigdtgi.dll	70208	4865a39fe1e6a148eb85a3a3918ba005
iowrrqbs.dll	70208	cef13d112246a02b01fdf20a5bbb7ec8
ivrrwfps.dll	70208	2fb9509f1b9134ae56fd535d4c4634f8
pmnnm.dll	298080	1a622cba5a89518cf4a511492db9d4f7
cbkllosv.dll	70208	75f86a0ccd4845cfa74b3ea9183278b5
mljkkhf.dll	31254	3eba5d5ee0d0833b75babc403c46f764
sstur.dll	231520	a8806fbb9a26110e9e67f7160f573c70
ddcyx.dll	285273	13a4630f5928d9380a668bdccf69286b
khfcdba.dll	43542	02fb66ff2648fb497a3a1998f4d0b844
ljjgedc.dll	43542	02fb66ff2648fb497a3a1998f4d0b844
rqrppon.dll	43542	02fb66ff2648fb497a3a1998f4d0b844
wvursqn.dll	43542	02fb66ff2648fb497a3a1998f4d0b844
xxyxwxv.dll	43542	02fb66ff2648fb497a3a1998f4d0b844
vtsts.dll	298080	c61a58b9b88999f40550bf6efd3a9a91
awtqqnl.dll	26694	a235f52ad905ec89f9c9632f9a94dbe8
sstrs.dll	266336	0c053e21700e83a163b50c18108268e1
mllkk.dll	266336	0b04c48ec47c70bba5d173bcaa61f58c
vtuspmn.dll	26637	59aef3b861b7a2a74ae97454628cfee9
nnnmmlk.dll	31254	cbe9e81aa9d4ff26dde8c35839c55fd0
cbxxywx.dll	29206	274007e7c2fef02eafd67c49f5f6bb56
ssqrs.dll	266336	2f73da71f31c691081a8b08ccad4e81c
opnnljj.dll	33302	29a0dbb047ea5167b5c0897902045718
ssttr.dll	263220	9f92318dd66ceed357fdb9e82e0b9dfa
pmnno.dll	262708	fe192ced601812e3f46825b3a094e729
ssttr.dll	262708	10b582828eaf28c34d23de94fb0f7c1b
urstr.dll	228960	fead1b9c31e22cd68fcce42ce891722a
jkhhf.dll	298080	da67e9a5676c0381c7d696011608a587
mllmm.dll	244832	22a9274ca7e69511cc29bec01a66894c
rqron.dll	228960	e15ce7b4780ad9f40d1a440b8ef2f060
byxurqq.dll	44054	275cbcbe24a20a1b5f89c16b3cad8907
rldmmyyb.dll	69184	4eb00dbd11d001b635ec0d4a2ac50bec
pmnlk.dll	244832	eae713e43e30ae2d5e9d0fe5f97998a2
vtuts.dll	244832	03125ebaf6ae26d5153e51ac1f15d88c
bunwhhmo.dll	69184	40ed74ae9ec8a6c305f4fddd43a888bb
keygen.exe	53773	b29d7eec069ad3bb874a99d3737e5b60
WindowsXP-KB929969-x86-ENU(original).exe	802104	7528341a3b31cace40e2c8d2a473f855
Windows_XP_SP2_Professional_Edition_Corporate_serial_number.txt[2].exe	168657	b8e0cf17674dc0d38320ce4d3dbe7c46
Nero_Burning_Rom_Ultra_Edition_6.6.0.6_serial_number.txt[1].exe	168589	0c0cecac345a6e41309e6d65489753dc
ksljdsle.dll	70208	2b08afb83e8ae77050b063ef9c2ef0a3
odgkhiaq.dll	11840	4c176113da7eb0700f2bd9a2b59a9e52
mljhghe.dll	31254	c7a272c553efe200e928310537a7a728
sstqq.dll	266336	7d745eb8c24ebd05f8357b452e095d28
jiinhuyb.dll	77376	48513f985265cf515be1fafdb46f4158
geeby.dll	244832	c7ed881353a0e902de96aaaef4b08cf1
awtqopm.dll	36352	2b262799cd238f8e99101470f172d8c1
bndsrsqo.dll	245760	1d5f61d151fcbb699c5d3e51312fbecb
qwmehqhv.dll	70208	2cd528092aca61315c6fe75e3da88ac4
jkkll.dll	31254	d34278b80c7f284b7a77e43ba2cb5301
jkkll.dll	228960	e9855b438ee5266bdd33a0883679e8d9
jkkll.dll	266336	3f42fc230df33c74f4631847fdd4bb4f
jkkll.dll	285273	58edd5dd1b4d336241cd49e7aed47ec0
jkkll.dll	266336	88ecb449408c93597a13013e1bf1d4a5
jkkll.dll	228960	ca83666dac734d2be692ecdf5e8fff9e
jkkll.dll	228960	859475cdab33ddaa4a5134715d875eac
jkkll.dll	228960	1485ef1e7c28347c418409b4fee869a3
jkkll.dll	228960	02157b6322afe220914b30e55c667b4c
mljjk.dll	228960	10d8686d3eec4bfb3a07ec0a2c4a6757
mljjk.dll	228960	ef17075bab9b686b220b5d75dc78c1f3
mljjk.dll	228960	a49ea37693c70216c0016693a0df1782
mljjk.dll	285273	6319e1c59d531d82e9f17c1261d29626
mljjk.dll	281172	7fa29276915103291c2b38abb3046b89
awtttqr.dll	44054	67f2bcd4263ff4f61764f600aeca8047
ssttr.dll	316000	f8f1a413bcb304ce52443590ca050302
pmnlj.dll	308832	305f95d475d271f59f97a61fca20309b
geebc.dll	263220	a78dcf34c93869b46d13f1abb7e1ca09
uynltcou.dll	77376	b024c806349071b38e47254e81f87abe
mllkk.dll	307808	36b02f875a5b995c4fb92fe41a3f7a58
hggdefc.dll	34304	ef8f2da9fa62e4624e643c429e7ee34d
ssqqn.dll	319584	80301c9557dfdbd74485762e052e59ea
ssqnolm.dll	36352	7c698dd3ce8973dd3777f9d5f5860b71
ssqpn.dll	326752	30b62459049d5309673058f14b971ecb
tuvvsrp.dll	36352	68bfcc5833616bcccdb4e6d3bfdb0c4f
wspxxtfw.dll	114688	f45372d3b83cd7e9f8c153b335406724
ddcaaxu.dll	38912	569d8140191d5a454ff665140ea6e30d
pmkjj.dll	298080	8bed6e305b017adb1a662f2abed6d503
nnlmn.dll	321120	ba23772716a35953cceb8d5534253f47
gebya.dll	331360	0bc9b5120a80483f868572632a6810fa
hgggdbx.dll	37376	5b6e77af55dce55ff64eeeb0a3ac7266
opnnlmn.dll	38912	76b37794a974e5fbcc08c9713d83dd17
awtqomn.dll	36352	00e6269b8a8de5276c67230c96b29a3e
jkhfe.dll	328704	7134e38e457520099c36e1b073481f95
byxvs.dll	316512	79b321ef5702201cda904a9a4e48bcf9
xxyvspp.dll	351744	2ed1c1e93b3917a587fa762ee5258d6c
byxxy.dll	335968	ca4b16645b62f767a183a2a848d9706d
geeby.dll	329824	cc00f0f6ff1455146ab769c7392ba620
mljgd.dll	322656	e7e4384da19a8cea4bdb7c96a48ad0e1
mljgh.dll	320096	9f5d77a8f8b769b1621a7a573f8911c9
ddaya.dll	340480	46fb3acceb4c34d1d13a89f821505c7c
ssqopqo.dll	24288	cb722ba8cd0b5ff62dc98d634fe6d5cc
mlljk.dll	314752	a874dfb0441096053e1cda0373eb6bc5
awtqo.dll	320096	3e65d4d37199f6eb1ff5bfe64e455218
geeba.dll	329824	402516aab74578163ad6859c28723e34
ssqpq.dll	336384	2535658e4f1a5103ef18676d8d791694
opnlm.dll	321120	fda553a5a55f9b2315761ff37f446dcc
urqollm.dll	24336	0fe566a5beaa37bdb39dff82299d4913
ssqpono.dll	24336	b783e387dd3b7921493c8cdfc4d0b6de
fccdbab.dll	40448	87e7132727c01355977382a750005b9d
nnlif.dll	320096	c9526133035b819f65f30dc35df41c4f
ddcawvv.dll	37888	e201cdf7a7b72b2942d0478bc25e451e
rqolkll.dll	24288	21c4541192e1f6767f6924973e9b3337
mljgh.dll	334848	8b99af0113f73eef0a1ebd9d52ab18af
vtutron.dll	23696	177f27ae5418ffe00f841267d429ef1f
gebxuvu.dll	38912	d20fcbf9f7cddd37039c7b53a003d0e0
mljiijh.dll	40448	ea08e08f2e5f17c7396b28610182c87b
ssqpq.exe	339968	ee2792a1b4c2ef54861c8f41eb1f91c0
geeba.dll	334848	03af322f3eb175225813257cc51979d1
geeba.dll	337920	39c686ab06c352ffe1011e8307723d43
hggeeee.dll	38400	e837835873f6837a92a9cffbfeea5f89
mljgh.dll	340480	492cbb03829c9308800cd2080ccf7d9f
mljiggd.dll	38400	3362bdf139f97681a44508674409ef11
opnnopq.dll	38400	5e1fe7cf3441d26a33efc04c6ba98dfa
yayxuus.dll	38912	76ff010478e20337ea1c3d066b2ff78d
ddayy.dll	332288	0d7959ca20ab352222260be03d5a418b
mljighf.dll	36864	5fbea941ae339c705e4fa9e7cafbe5d5
awtqo.dll	327680	61acabcf11fb29e27a4421b61978f413
awtqo.dll	334336	bdef8003b4539acd4232a292fca397cb
mljgf.dll	327168	fe6aea58ef9e0ae44d9bce50f4f1839c
ljjjklm.dll	34304	27869b57639ec3579356bf919234c5d3
efcawvu.dll	36352	8c531c5f2cce8286303ea63a9198b03c
skfckddr.dll	163904	ff0be908d928f647fb03169c0a07f336
tlljjhpd.dll	163904	ff0be908d928f647fb03169c0a07f336
ssttt.dll	331264	1214c65186286c792666551e4a8e93a7
vngfkoug.dll	94272	5c0146d7b979e5c88992c5c07511a434
awtsr.dll	314848	07c80e0f35b02ec9c77b2da57a2ecd43
geeba.dll	334336	1d2a6a10f6dc22577336089707ac4eb5
ljjhgee.dll	40960	2a1e8fe71e9d84a53a35ff0b7c47ed21
pmnnn.dll	263168	93ff365eef0e6f1c3879ad087d693c63
winsrc.dll	240128	efa50235a0e1531358732833f67a355d
opnlifg.dll	40448	ff346b9d7222ac45d8b981cb946134db
khfDtUno.dll	36352	d80c3aba5ef2c2d1c31f35885a42ace6
pmnkHBSK.dll	268288	c820dab591630afe09698b289e89a0d2
geBuTJde.dll	270336	fcae779e1b0cea967ef58ce46f7707d5
vtUkligh.dll	36864	699b193c1e69b01da216e76b3fb0c663
hgGyyvvS.dll	270336	03a27caf9b037a8eb47e16e334567d1d
byXNhffg.dll	37888	79a01c0b1fea509f94013e5f50a00f47
jkkLEUMf.dll	272896	3553b75c478d67996b6ec4ae7b56e599
xxyxUmJY.dll	38400	e2827129269d16da170555849afc14ca
ssqRHYoP.dll	268288	8d01fa14795945ee0fc7b56514734614
opnkjICv.dll	270336	436e0fba92708c2f5f71cbabc305d07b
opnMEvWQ.dll	268288	0f23d847a9b9d69dd5b1d20cae196218
vtUnopoP.dll	36352	8a6152e25346f5b7a19677653327eb17
yayvVNdE.dll	270336	0960260d370a7cfda02003dad6bbb71f
ddcCVPgG.dll	270336	6d629a709cb48a6782eda4a55f2c6134
yayXnmjK.dll	270336	b52c575c5da725d40eaa20f128c271fc
byXOfcda.dll	270336	11e24220760f6ffe83ae4548207041aa
ktoybejm.dll	122880	a8112a65115208df059c32fc298cbaf6
geBSjhfe.dll	270336	c8af335ab4ad8fe7deb5d03e0cb190bb
geBsSkIa.dll	36864	0ed33895c4e28be0a6059d9d63b954e3
nnnkjGAr.dll	270336	34da5cf838d8050aefd87e46e2c39963
fkbsadlt.dll	95808	1c628d265de5348e8ba05738a0e8ec47
fccba653-b7d9-e893-e536-5d37af36af24.dll	329216	ace52af76d0bee1f74babbd8bbbd0f9a
haedrsmq.dll	91712	02a13c21febb588f16da5e6348336e73
wvUmnMFy.dll	270336	e5d7fc37c78ad6c1f7619dec1c6137f4
gfowalhm.dll	53312	f939f6de6afaf355a3bd3b6edd0777ef
uqweicef.dll	91712	0da98feb2d3cb43877501865c1ce1238
jbdwlhix.dll	91712	6ca08f6f87b4b706a377c3af0c91387b
wvwxv.dll	273920	ded790992fe4eb6ab94c3280d71c235e
temlxopqgdk.dll	262144	0370b19f94519eb7dcf92cca4dc50fca
ojiqhhqj.dll	53312	7ab20a675f9ae5dfe69f1767a4e7dc7a
temlxopqgdk.dll	212992	983e9050561d22668b2c4e8e788ba734
nnnmnnoN.dll	273408	f6165c91a74431ca17d3aa1f6aa89599
urdqunxe.dll	85056	b8c6d9c19d5ffa698c74b21e3131cd6a
winsrc.dll	241664	b63d25684b582ce697762708b8c069eb
winsrc.dll	256000	cf4bcfb4290796a77552dab9f4188ce2
winsrc.dll	260608	ac9dad51e5ef95ce978195eadaec33ae
winsrc.dll	257536	242f71596ee956e9502834b92eeca75a
winsrc.dll	255488	cbc7af44e59ce1ab5bfa6625d8f89f6d
winsrc.dll	286208	4015d5605ebc26d1675bedb3eb360260
winsrc.dll	286720	e33a43d7f23528d771acc9917b104aab
winsrc.dll	258048	e6fb8ed057baa210562517a9cb4db66c
winsrc.dll	283648	f9da89d5a3036a197f3b3d50ead76307
winsrc.dll	285696	974345fa53259960681ba854aa506355
winsrc.dll	286720	f3d5ac9c6d6ae5ad725b47fd63a53cd5
winsrc.dll	255488	ed6eb57166e48d354653b50943d0b1de
winsrc.dll	285184	99fcd346c8463eaacb599415b5872bef
winsrc.dll	285184	f100b194b363111e93201b1d9d8be06d
winsrc.dll	284672	fb878915a29fb795eecc5e16e2e13e77
winsrc.dll	287232	24bb8b6a984c45c6acaed83c8cbf819d
winsrc.dll	290816	62921cf5581d760ec1f19ef8eb2abd67
winsrc.dll	290816	319c3d5d5b8cf3de65e678b133af0fb9
winsrc.dll	283648	e0cb3f10328370ca3e39599724ebc2c0
winsrc.dll	287744	13b45368fe961ae19e34d97023e91fcf
winsrc.dll	286720	d1016b590f4062ee5ddf973ec888416b
winsrc.dll	284672	53076ae96904a4703f960a62035fa6ef
ddcYpmkK.dll	29568	83ff62292c6bf91deaecaddc694583e7
geBtQhhI.dll	29568	83ff62292c6bf91deaecaddc694583e7
ytjknmcy.dll	89088	254daea47110b81436254dac4d6ae36d
urqQjkkL.dll	318208	718e79e5bda277a36e44f00d88b073b6
jkkHYsPF.dll	283648	4e9a613cca1fb10ec3a0eeb63853bb4d
1014[1].exe	61952	296799adf0921e0178d86db7ba4221de
asd0.exe	61952	296799adf0921e0178d86db7ba4221de
is[1].exe	46080	98951b2b36d9f4555fa1314b3c885581
jcjxhnsa.dll	81920	7f8096f2ab1418747b5337f645304f4b
xxyvvsSi.dll	31232	3bac67c84b5727c31a9f286cf109596a
nnnoPGXp.dll	31232	3bac67c84b5727c31a9f286cf109596a
tuvWoopm.dll	282624	d6389119e9c9ea676abc8e91f36a48d2
pjwtknhj.dll	82432	38cb1a1f25ad0446a90c99d211147df7
qgbxdqve.dll	93696	b7d65ae79968a212d0f31374d3f2fd60
fffsepye.dll	81408	79b37718344dff8220312d2472466487
1014[1].exe	52224	5f2a7d7d445dc8e751e1ebb693c8062d
dll[1].dll	295424	13fba8bb5caa59564b975e073d94d6ed
services.dll	295424	13fba8bb5caa59564b975e073d94d6ed
wvUnOIXO.dll	296448	770201f9ad0f0ea23f211e75601e3cad
ssdeqxsd.dll	99840	0cf7764f88034638e34699e5df44d735
jggvvrab.dll	108544	3b2c903b8f25b7cd8548c01a9ec74590
tftiep.dll	114688	e02b7d275efafb250cd18fe96db771a7
bjfcgrnb.dll	99456	a89989573f46b4bbe4a9f90e3ffbc447
qvslys.dll	104448	18656b2e50ea9afd19782560adc5385b
nvrxxael.dll	95744	b9dfd29cd80ca75375f611d60273aab9
uucadhvt.dll	70144	1ad38ea40dedd3b0a57e446472a5faa1
vkvhdvwt.dll	95744	f1e36fbee13b2951588d9a631a41d56b
cmsmysnc.dll	85504	d7b7867b92debb40d183e4fe10bf29d6
dderdnoc.dll	85504	319fecb35a1d1bbee5c40454141a2cae
ddccCVml.dll	283648	e1fb0c9a7745666e2e18023336f2ef8a
gbcopght.dll	95232	bf52c65acb75e1ef923cf729b8803d04
fuxcliro.dll	95232	bf52c65acb75e1ef923cf729b8803d04
awfrnaps.dll	85504	1f899173350b97bd2074a2a3eb34f14d
vqtvwlgw.dll	96256	f100f8ab5b0c3faa391ef52ae1314608
hhjfti.dll	111616	d270b10b275d76d1a8d5ff35fecd10e2
gxhfdktc.dll	88576	7726487b193ffe709927726192146bfc
buhkhsbk.dll	99328	4b8e92607a088a06a5f712f64ad9be77
plpecm.dll	112128	ae2bb4c74dec6cff600e57f70e1f9474
urqOIbcy.dll	45568	052c2c736d6a2e023fe7511378a8e100
xhyajmtc.dll	89088	712f55754d0ae9fa2ab516b22619b776
plcvkrgy.dll	97280	fcb346b92a42fe10b0e6d24412e88f37
eedfbf.dll	132224	7d9b5e760787c525ed287207cfa72b35
inlvolhc.dll	99456	6b9417b2bad289e6d25e59ee44a4282b
olwxnbbi.dll	90624	aa431474ff486e6c84cc07e0fd8f0950
osxocovx.dll	99328	e10962faffb3b1de349edffa10c56940
dmssgdrj.dll	99712	1eb39e01e2390c9d48bc0dd0bf933751
kkydlppr.dll	85504	34e77194dcfd6a2141fce5fd270918d5
iifcATkJ.dll	283648	0511501685a2aa1e91e3f78eaba3b43b
dbyjcbec.dll	95744	857d5c49395a4a86e13dcfb3e00d01ba
cilcadui.dll	103552	c87fa1bafa3cd9c518e6fb403dec1490
annjvs.dll	131328	d02adc1daf58e82d0d87d9a889655c3c
ohlhig.dll	130432	3f08749c70b647ba824bbea8f275b31b
nnnmnkll.dll	327264	833043e49adc2f3154059a3cbfe60550
wvUmjhIY.dll	31232	5eba8039cddc286da6427ba16ee6a36b
mlJYqPjj.dll	31232	5eba8039cddc286da6427ba16ee6a36b
khfCrPjh.dll	31232	612a284c6b78403d067202b0a8d1e4b9
xxyxYqnl.dll	31232	612a284c6b78403d067202b0a8d1e4b9
ddcCTliG.dll	68096	3a7d83493273036d1d71afd56ec1f3be
tuvtQJcb.dll	68096	3a7d83493273036d1d71afd56ec1f3be
ptomwc.dll	136320	dbc3498a756ef8f107626a3ea0f24d8d
pskldc.dll	115200	a8b6271b300d77ab20e201d4a15a77c1
wvUlKaYo.dll	34816	8aa414b14e6c10040d315a31b2c84514
sohfepgc.dll	97280	321ebf15ccb7050aaa78253781f9ec6b
tggpjg.dll	111616	8565489c7f64a820a1ab74ef8bd84434
iinksmot.dll	89600	00f8be35aa7dcc52976514632fb54553
ruqcqapf.dll	85504	af9a50ea9beb58566f7e48d447d1b610
xaqcknax.dll	85504	af9a50ea9beb58566f7e48d447d1b610
vrymwdtl.dll	105472	d69696f495de671b3a545b6fe227087a
bbbdnfiq.dll	105472	d69696f495de671b3a545b6fe227087a
stndjk.dll	115200	8efe98a847808b839b2934784f890f45
veiothod.dll	104064	ce1f7b658f31e8e822402004d2e50cee
fajjwfty.dll	73216	4cf3947c6344d440313da683172f3cfe
lhwidn.dll	116224	c1818580c9bb11f942c412a65991d148
dhafsgei.dll	95232	4071ed26f8236944b69912b524ab4c4c
sdafmvyx.dll	89600	e363c41f2e539e823d47cd135b689e2e
antadu.dll	135936	cca183374637b6f8432eb1429e748010
ajcmnk.dll	135936	20ba092514d50375d32b931a62db4d6d
zbfqvv.dll	136448	8a65e447f210b0dc30668cb209139f02
hhmvps.dll	136832	549cbc9c8e18c4cc57e7106e9701ac39
ffhwtocc.dll	136832	549cbc9c8e18c4cc57e7106e9701ac39
aplkyk.dll	136832	307b0993bb58f1c137003650a63e3fb3
ksdats.dll	115200	20b5fba54623afaf7072f530eec1cb63
kadpbbdr.dll	80000	54c3e2d606858ac4a0d402494b2f548e
unlspqjy.dll	95232	615b6e730f0af3a4bd3561e7f8956e4e
mxcyynyg.dll	78848	0134074c850e88ab7a69f20320648678
jdpfjwgb.dll	105984	a4033434a9791ed8ea5433dd6f0ccf81
hkytggfn.dll	80512	cc60a80a3f9219505f13bb924445e125
vtUmJBsS.dll	34304	1de6f27f375995e51ccd82bb88881df9
xxyywTMD.dll	34304	1de6f27f375995e51ccd82bb88881df9
byXOIyVm.dll	284160	7ef03aec018bfd3fec90a470210efba8
FreeApp[1].exe	51712	df93cfa76e5e9d7cb2ed6981ba923e67
vljdgnh.dll	139264	57c9bb2e12f131344b617a012854276b
geeda.dll	244832	b61a27251c620c822a1220c132cb4844
rojghd.dll	111616	c37d3cad01d761c4cad740f953175347
dlxbtwoy.dll	104448	1ad5ec6342f2e760af1c9822db66cfad
qaxiih.dll	110592	3725b3655e94fbcc144ad770de0dd587
quugqcti.dll	110592	3725b3655e94fbcc144ad770de0dd587
rajnes.dll	115200	6c3c8ab79b54571a01296c7d327d2307
ivlltt.dll	115200	6c3c8ab79b54571a01296c7d327d2307
opnkhifd.dll	34304	383b916f739811afc4f90ec2df250ac2
ypfuhntx.dll	104448	36c73bbe8399013a1a8fce0783e7897e
arsnxy.dll	111616	b76c26d04947636d3605d1b0a3516c8e
nodrnops.dll	76800	acf89cdd70efe61de0ea23a3250d532e
__c007eee9.jpg	21184	53850c58b6be753a359c853293833ec3
tjlqhi.dll	114688	df54849ae2f423823fc4622681fa5099
xkhcunoe.dll	101888	8b6ac3048f4b6fc5e63803e8782c0e17
qxqawd.dll	123904	616e5cc1a41e7156857895b7269a7010
__c00e3439.dat	25600	9e4a801a7ba21a6d379ae2a516af12ce
cfhyfi.dll	115200	fe5be1a557ebad43cf5e53292582cd45
tuvTkJyy.dll	29184	dda7b58dcf5384311872e82dc7a76b3d
tqelta.dll	128000	f5cacf24ca9c1a18cfb28fc4200b45b7
flojedot.dll	67072	e851cc79cc09081368b9228cf3e3e015
wccbmsbl.dll	123904	3ce895d155b3958ccf01a86361be22bc
ruesnr.dll	137344	af5d7f738dd40bcd29e4189d67b166b7
cbXPfFUn.dll	44032	efa12bbb91dbc7e5a2d1fe58130b1731
rnxbtsqk.dll	105472	0aa08f927adcf719fa728f8d646c0e68
eutuzi.dll	115200	26f4619eead0570c887c76293357455d
mrmpnr.dll	136832	21e2f0f424cb57817c0598c56ada5204
miwdmive.dll	80000	057ce28b21a1199146a721af6530daa4
c00FA17.mat	21184	05c1a3dd88588e9f7e2fdea1e97afc07
m0_glkp_011008.dll	21184	05c1a3dd88588e9f7e2fdea1e97afc07
bindnvej.dll	80512	59793d14c2d3f2a43671fee4cbea8a64
oaisli.dll	123904	e60e8717f54271970813f1b266243bd5
ehowpify.dll	80512	d0b7418bfeaf4964950981b46e99ffb2
ahjvks.dll	128000	d674d51182b69e9de8891673538c6f78
zpsdjn.dll	137216	bfd1badd1c8a38c1dcd217f606f4aad2
tzbgbt.dll	128000	6749f241d72c1936e8ba83baf57a9e1d
vsdfgdqx.dll	67584	aa83f3d32addcbbd973143a1d739d709
c00488D9.mat	21152	d85e20b80222c519e030b8797dabecff
mlJYpQjg.dll	104448	f9209b40883d089177b8280eb1c08e2f
mmwotqsl.dll	71680	8d07d2d89689adb330d733be96f04f08
bkcosq.dll	128000	1543727d383296a5bc5233288ef1e5ca
whqoukxw.dll	73216	798a76025ed66ca03b3aa51e7e364400
ggnrskqt.dll	73216	798a76025ed66ca03b3aa51e7e364400
fccbBRKD.dll	34816	2557857a9a395caaa2271dcf90f6186d
rqRIyWoo.dll	34816	2557857a9a395caaa2271dcf90f6186d
rqRhhhIA.dll	283648	fee69f145bd989abb95be9a275e91df2
yayxywtu.dll	62464	b604332cf0332ef266979b3b10aa3d7f
file[1].exe	135680	3194f097c9a5307e4e20051a4054a20b
khfGvuUm.dll	339456	f9942f41cd5d5f2bf23d8b043f4391ec
uvftmemm.dll	71680	b0c6f93b30a7cc5713c2c17c65f6fa66
pacttjdp.dll	71680	b0c6f93b30a7cc5713c2c17c65f6fa66
uigkpcys.dll	90688	d1f1da620c6083e1c6887b709d7b9d86
cbinwdfi.dll	93248	2d3f1f2951cdc7f0ab2802c217666811
roxftuek.dll	87104	bd112c7b4cc0fb3aa3d1948615bd1a5e
qommnlm.dll	36352	63703c066f03f530e93790a4dc8071e6
wlvtugca.dll	84544	98b17bf7ba734ad7f5ba9f6ba7464777
rwwibrra.dll	88640	5429f08fcf3601eb6c9a3a67d61c078e
tisiahqm.dll	106048	2c060b7a895ccfb7fe2e39145f84a664
yiilgnvq.dll	155712	1930042e0c962b6c7d2dba95dcb24862
kgbpdwus.dll	91712	35cad2a8e1e274ae68e77717abdd48ba
xfiuvcni.dll	86592	5f59147902bf937e94d7ed55045c61d7
ibrtgdml.dll	104000	49afa269a8e3b20f414b8e20d8a4ebf4
mlrrvmwg.dll	92224	75da586f0479557faebce4603b99688b
ghlpmjls.dll	121408	85333029ad8aa47b458fbc73d473588b
nhvtxpoe.dll	95296	915519ce364d254897d6da0115daf411
qbgnuhwf.dll	92736	87eae0bf17f1140700899d453e357c05
mlljk.dll	292352	0881e7478d860d4fc1b772b47fecaf84
dqcctdys.dll	94784	b211d43b7f2595441628d2a7fcc14aae
drczbq.dll	128000	be9cc04e697a9131a384298945714cc6
prnwlk.dll	136704	e1a4f75adce7482a68af782f3bbcccf6
jpzzqm.dll	137728	ff6c20373a3cf1a8efa039530e7436d6
vtUkjKba.dll	103936	e72149ed568e13449ed9e423b2174d47
pmnooOGY.dll	41984	709c3bb023c3d58cace4bdafeeba0aba
txlodo.dll	128000	3b8e6b26c4aaa43d3781525bc3a75c37
ojlacx.dll	101888	0d2de38d298d561bb162785d0cd94ee7
jihacv.dll	123904	d463b4c06f967cf5174098f6e1a1862d
ddcCtsqQ.dll	34304	1402cf1293534e9ff149d89bba378ea5
ucqrjj.dll	115200	5e8afbf2ebb86190c33b0c37d8c80aed
mgjdax.dll	101888	0d2de38d298d561bb162785d0cd94ee7
eauuah.dll	133120	23b879da752a06067f15ba4bdd3076ae
mppzqf.dll	133120	23b879da752a06067f15ba4bdd3076ae
lmvvgenc.dll	133120	23b879da752a06067f15ba4bdd3076ae
axqnlt.dll	131840	f343d8c60916df7c772c621132c3c4f5
tfvkod.dll	131328	2310e8967148c3d3444cce5218ab9e22
jsfoig.dll	132352	2570822bba50c58be6f61cc174367877
scpxmz.dll	131840	13cd24305d46ef8ccf901eeaa9dc5ca8
vsiots.dll	131840	bc5887449b9c67676b2c4c5069638dcc
uituyc.dll	131840	7a33159cdb1884d527cc65df4164995e
erqfnx.dll	131840	59d28054dc2af7cf530cc34ab94d8c6d
xmmjlipj.dll	75392	c71369c4de64e76f34b3cbb29bf21ef4
gtkbbs.dll	132608	4de1e3fb934bb82fb651feac0412a827
riuosl.dll	114176	1786da10f96c806e032633e455f56ddd
grzquz.dll	115200	a1a3f5dd4c7a1b36a4a01235c12f2b91
vrzbdi.dll	123904	0808bfdfab50b4e4a86147c15a830ebd
zatvky.dll	124928	bc654cab2b33697ef5f3cb8f69d04c08
exqwxcji.dll	75776	ef9078d8ba6b37bb16124409232bbfcf
ysdbsq.dll	113152	be5ad1a0a789464c481313a77b52e4e9
pmnmnLEX.dll	38912	63abfa224a354601766583c61a60159d
jajepkfx.dll	69120	c60dc76b110102ac55182e945e508fdc
emgnzr.dll	102400	cc2338f90bf9366b777b710a07205177
dsekqy.dll	123904	deb3f548d649223ab7283b525d7dc3ea
xxydwc.dll	101888	ff194e81c834ba35a7d0c0a6a36b5d97
bcmlvh.dll	123904	c8175d7976f4faf6c850756bfbd4b721
efccddCU.dll	34304	5e4d611583c4edacd28a8c9493414fb4
ufrxqr.dll	113152	281b043a1630fcd84f01305a27bb80d9
xxywWpqR.dll	29696	12aef2eafbb5ef96b4d2c052c37f6af3
skibqpxt.dll	155648	fe0c59466fada1ab7e86350305abe746
jtrwal.dll	102400	4866e6be87fe1c22c57075bf654c0245
edljqdbo.dll	69120	dfba1ca66d60bbae0ac49e49c3e5c321
tfpdhn.dll	128000	00185bbc6a20b43c197e75b5e409a136
iyfgdvyy.dll	71680	95a2e612c86ac625c0510783cb2d1ec4
jhvwulaq.dll	67584	4e1f2385243fc981b1502fee2a1503b2
ttyiplei.dll	69120	22e35806e0adb72a8314471830e5e9d8
file[1].exe	49152	1a4cb915ada5d4d5340f41b76131a9d2
vtUnLeDU.dll	32768	abcec32e7029c70bc8f1d56bdb4810a2
nnnmKDtU.dll	32768	abcec32e7029c70bc8f1d56bdb4810a2
ffmucwlj.dll	71680	f63a483842c6754d5312741930a20a38
cbXNHyAr.dll	281600	0e1afe20316e76a0012c760be3c08b8b
qkojjk.dll	132608	d5dfab3eb19fb1df67fd82ceb2643412
emwggtak.dll	116224	f10dfa05b31e462e728d974c65cf2b0f
ngcsqxjk.dll	68096	c4af6a6c3bd37159f6b4a7435321f586
efcDVnNG.dll	32768	b33bd2f644a371bbd55428aa9e3e9256
nosemdos.dll	155648	f6586b2369d98e3d53b32d782ab3e1e6
pifgzo.dll	104448	2f8f8a4bebca525607467d9cf27c6de9
ddcCSMdc.dll	35328	e5bddab53ffc5220349c3b3c8f219931
sdjomk.dll	123904	cae8de95944505956b271a80ffd4c7a8
vbtqveed.dll	68096	3905ff10cef37755164f9da5fa888707
qyyrxbhh.dll	70656	8c7c34391a90a8bced7dce01225e1439
mlJArpOh.dll	25600	aab2c8df4cc150bfd520f4d60e4d4909
mlJAsTll.dll	33280	000ca732ef5e4785ec8b31a78de0421e
nrlvkj.dll	124928	def62d27409fd2e7b89e653ce7994ed8
jfewhfce.dll	68096	6d7b9c5be89b8b19c73a2ad968617d16
rcggbwks.dll	103936	80b99abcb930e262b8fc1179d42aee3b
qkqtodyv.dll	70144	8e7b7506c55298b95f91824b795133ca
knkkeu.dll	113664	a2c392888077453983ad673d8339aa78
vqivmg.dll	103936	2bd8741423b20245707050c8576ce55a
aglydi.dll	102912	c250d489af11c1ed01910c6443ca589e
ferskkrw.dll	155648	369e6a96f2892c64d1d6791e0c07861f
dedyfg.dll	111616	4c3d5aff397712e90a651495da725e0a
sxvaedyd.dll	68096	9102c5d0175f358d77c1f3933718bbc6
efcCrRIy.dll	42496	6922d354e5012a39e92aba1a3c0a0600
geBuSLBt.dll	42496	6922d354e5012a39e92aba1a3c0a0600
file[1].exe	62464	ae0ffcfe97afe72fdd862de3d5a4b944
iiffCVPF.dll	328704	4a344155b2bea3529ed19daaa9778b5e
winsrc.dll	364032	ff33182f3bdf7804c29de4780b04bc4d
labkne.dll	124928	3f7748a518b2596b305654c70004ee78
bqjdrh.dll	124928	3368d88495514f70a5c6542e40b22359
awtsPJcA.dll	25600	d009e33c22acc2db2abede63b3b440de
yayxyvwx.dll	25600	fb552527400a926fffee06dcf57e7547
pfqjbewx.dll	68096	22e1ca37d2d427ea59c3027be7708235
nnnlkkhg.dll	25600	18856bcd7264f5230fd60cfd9ba7d5e4
rgkvne.dll	113664	3d3872b67fb0216940e283c4b3c680a7
ybhwxj.dll	104448	d6f2135dc562c7d4992cf2cea2166707
uxqpfk.dll	124928	8cc8f97f83e0dd39440cee5a75cd83cc
zgwlue.dll	115200	d5f1614153a2373ea5e227e5c203eb18
frcdmhox.dll	71168	f946f8c3de445d45c7eb34591bee037b
jpjehkmn.dll	104960	d474a25bacb75a721ae609225cda6c5b
vhsttu.dll	103424	fca1cac5c0347561ed1755fb1edb5135
wnhvnxjb.dll	68096	38c342a786a65fd59d04b19192774bd7
tbrxbxbw.dll	90160	e6fe44b010e21f173e890da44fadc7da
tqwtqs.dll	103936	638cc4b4342054e6dd0ef047f20295da
oxodam.dll	124928	2424bb8503c01e2cd51da077485ca306
mwktggcj.dll	68096	83939bcee8fb20f1e15c1e43e4911b63
fdswmgss.dll	68096	e6b50075d73ac77c4d9e37889f1c5407
__c00a2080.dat	25088	ccf335e14a90e306244d20afa18a6dd7
efcASmKd.dll	25600	2a434b1088c6bbb8a477cabad5ab83cf
vtUkhETm.dll	26112	478f3b2938149dde59b84d6a482096a2
wowoxx.dll	129024	3d5a5219997eec4e1243c99b6fecdde7
vtUmNGwX.dll	36352	c30f166e300a94517e42bbe036ac1d28
zntdkn.dll	104448	94488acc309f10a3c605d70caf8fa55a
vtUmmNFw.dll	32768	3198fd89ee050be02b24d9243a91d767
rqRIbArq.dll	32768	b12b763495e4d60ab267f23199faa865
__70.tmp	40960	4505c91fc26f826d61d8a36bbf2f5ec5
tqabkkhc.dll	72704	bb6c979af8739752b25b6c5760b128b4
cssifsik.dll	72704	38c0a4b075cb9dad7d1aa1134ca9fb77
rqRJDwvU.dll	25600	089178f1852625a7027fb4c380710d4c
dsnltn.dll	120960	ccae418e8ce8aa88c4e9e18d4d8282f5
pmnoMgEw.dll	25600	cc510517a87c04cdcf1a345e347725e5
iifefeBt.dll	40448	f169263cc3a329dc6cc1fcead555e4e6
mzqlig.dll	124928	1234314f1dea626bb2a9849b40d4b72c
byXQihed.dll	25600	8097c995d667ce01d81b467a382afc5b
jwijhtyf.dll	72704	90e30acf8e0ee9b47345e47a844d10b4
ddcbabx.dll	26678	19fb333000f260fd534c63945483994d
castlecops[1].exe	151174	5b8577deb819495ffa0c1e03501eab77
iifddby.dll	26694	2f287e9392c950158148779c9364e6a0
yaywttq.dll	26694	2f287e9392c950158148779c9364e6a0
vturspo.dll	26694	f5236876d4cd7c1f430b8de50b250701
SbCIe02b.dll	208896	908388713dc2e96068e2591ac67c54b7
ltyolghw.dll	72704	0634d0f7166a0d9fe7330e9a5ec3ffc8
zwpmbd.dll	123904	27d1640677d15fcab99b46345e05729f
qoMfdaWQ.dll	25600	f1559e1d51e9bf339f7704be2b1ad487
khfcBQjk.dll	34816	42343b4e3d4dc5044b5f96e4ab87c6ee
ssqrSMee.dll	25600	fe0c5710ba1a41981d9e0d548b268d83
aecggnuj.dll	72704	88df75d7fe20779e180f4271d7c6efe9
mojbopil.dll	72704	a759cc1ac8316ebae11541a288cff522
gcufkcko.dll	72704	094a22e01cac8adda80bbbcaeb59b8de
winsrc.dll	363520	d18ec55bb043c55b400e79915e8eebab
ptiuoi.dll	106496	535df52425b771c6b52f160d6eae43f2
winsrc.dll	363008	063a91d4be8f9bdaf68cca3129d81fb6
awtusqQk.dll	48128	09197b0a9e199ac62ed075f66ce4ec73
nnnmlLDu.dll	315392	b7e7f54bc657de4fce08f9446d9363f7
jkkhifec.dll	34816	b5f42991067df46add7778fd1bea2d5f
xxywVlLC.dll	302592	8ca1e7b8c74046e8d5e9e72bfc5c8463
ssjaug.dll	124928	ed9e704bc62edfaecca436c6f35c02dd
syadnduq.dll	75776	3110331f911e9e07ea2d16b0e1d33e93
hoxxogah.dll	73216	600c734affb25ba83c8b427d392a62c1
pcdkykes.dll	72704	3a1baa0e47f2015d8b202bf8ef6bebe1
cycsls.dll	129024	73b995264230f817b295a5aa57303be7
lemaba.dll	129024	6395dffcf29af938ea26e03e7cb904a7
efcBSMFY.dll	25600	44edefb00516f6e26f6594d687e50ef4
efcARkHA.dll	34816	1201db328b213337da604fa636d6fbf8
ubhkrk.dll	114688	d73856b5cbb897893b0299dbc8bfbed9
beuijety.dll	72704	1cf02d4e8ad78305922a9f9120d79e92
adrfzi.dll	124928	3e11928cc234bfed4b8b4ffd9c90ca37
yvkydy.dll	124416	cc352df32adf4d802c93528678887850
mroobnpg.dll	75776	bf576ae77ce5e5386eca0b7aa6a0e113
uuayib.dll	124416	06367ff53fcb0563353b3eb99867148c
nedotfwb.dll	72704	1ef76792a670cdafa4f636353fa46198
diriedfk.dll	75776	052b708b760401e6375c6bcab57b3d0a
winsrc.dll	336896	fc9dadd6cebc8e02402f17fe7268ca97
ojxpmd.dll	124416	a78ff1de2a89b7a25367ae374154c7fa
ugptyq.dll	129024	8d15973563d5959447820f3705c7c096
vakqbbpn.dll	67584	6f49d19fcca7f9e3bbe0d1b918eca97b
rkwoirys.dll	72704	3ac07db936cc7c7076010d8fbdbcfee6
frljnq.dll	103424	ec318957ef361601060320b183a88c26
tqywtr.dll	107520	00ee7c5c2a91561914ccf310d550e080
pbiduh.dll	107008	ef7d899f4e8857b7792569445783cfa5
trsjpbyp.dll	72704	a287045bee320db6df71dfea79762d7b
jitgrwvq.dll	68096	88433324fbd14e0c807ccc5e643fabe2
mudapy.dll	129024	d4a2471176f8e08e360c8a69ee6d6e5c
xxyaxvUN.dll	34816	4701764e86b5cabf2699483ac68d194a
kmsdglpm.dll	72704	cb3cd6ab05343866d11a049f053262e6
awtqoMfc.dll	36864	4c6ae5f4fd66ff360c5560ab9f58aa84
iesvcmon.exe	465920	14919a079d602c09134a2be23b710633
winsrc.dll	311304	89ccc01655d559cc3cab8b806434d676
winsystems.dll	309760	416921681538e18eb9365a6834a10ed9
winsystems.dll	311296	b0645feb02b5fea47728374937cd96c4
winsystems.dll	308736	986222672ab2d99226466265058174d8
winsystems.dll	309760	bb2ca1c749291fd94fa92c2d357b6d6f
winsrc.dll	330240	db1a557f6b4d8fe1a57025c0b2874431
winsrc.dll	331264	6e9969825af38e5f5dead0e60dd27eb2
winsrc.dll	308744	33256ed02cbe5d7cf1b600a5da342cc5
winsystems.dll	311808	9234d1b08dfaf7630c0f66a942e3cda6
winsystems.dll	151552	ae9ca3ee2f7af3f20281a2e2beff764a
winsystems.dll	310272	ee1df8b1380391f159cb73a94d9e82cf
winsystems.dll	296960	f36c9962565d528102027a45546d4735
winsystems.dll	298496	5475f86c881c1ab742cc2e5797c4c0aa
winsystems.dll	296448	4541dd26bd89c1e4fae638c0448b5655
winsrc.dll	311816	41d13a3a74a10f7f48bca4c4c207f732
vumer.dll	199698	ab8b5842dbfb162ac54a15f1ab08e3d9
vumer.dll	199698	ef2c06e134ad47f0ab6afdb853e6f657
winsystems.dll	300032	349bef2dc57b1621df03ec972688ec51
winsystems.dll	299520	3edaa6f82ff7e7f81edd5e53ff7aada1
winsystems.dll	297472	a692ab07a90dcda73c45f8735b2d11c0
winsystems.dll	298496	d388c0a961592c43ef3dd6d0e29b04f1
winsystems.dll	299520	ac0975242b4e14ff87e0d9cecb6be8e5
winsystems.dll	297472	64035a37b9908f813263d1f9be9fe139
vumer.dll	200208	bc096161ed92bf0add8625a00c901681
vumer.dll	199698	52654880a0d6e8b67a94170ea2ecdf78
vumer.dll	200210	70a437453c14f2b345a7bee177dd2734
vumer.dll	200210	7ec1c120ba512bfa0b78cf6d58f72cc7
winsystems.dll	299520	43ff100f2b26a6a6e963b4b7903d2f94
winsystems.dll	299008	75eb3334e4b79fe44ef63b1964f48747
winsystems.dll	300032	1f7f164c4a1f02334442d89f5bbd63f9
winsystems.dll	300544	649acdbe3ceff390d1c8c1841fc70597
winsystems.dll	300032	d5780709ea011b089498a4b725957906
winsystems.dll	300032	159077d2da35fb33adaea577bab342a1
jowemufu.dll	71168	965bcaa714ded991b167212b26d69b55
vumer.dll	200208	064b9b79eaf1e31e25645197094538cf
openhl32.dll	22780	a3237b0e898e16a5fc03f8931cb7959d
vumer.dll	200208	03bcce9ce20288926034f2494c549f18
holdpm.dll	129024	63c57086767dc108df2124cb6c711094
vumer.dll	200208	db8781ad40b3105d4600f23797033128
cmutils.dll	120576	1d16fad471ecc1c722be32342f7d2523
nmwwaqz.dll	104960	64adc5505376fee0470a1594c9696eea
surprise[1].exe	38400	9bd6a9cba442a88839a185eb47c2008c
_A00F7BA74.exe	38400	9bd6a9cba442a88839a185eb47c2008c
__c00CDF52.dat	26624	a4d6deb35087754921436c265a40d7f1
winsrc.dll	5047	501cbd3da171414c6df574422df86efc
urqrpqp.dll	35328	3c353965b47f91219f44014ef5938a22
mljijhi.dll	41472	5f40045792cd83b671e054a42404dd36
ssqnolm.dll	37376	fabe066bc103c1b61015ada58e781153
xxyyxur.dll	26048	362768e6afd97a288b4a0bebdb4efda9
mljiggd.dll	346112	03971499d8b1a48e59945a0a06ce0aed
xxywxxy.dll	38400	a8df1d39ea45217d4acffaab9f012a84
ykiijcvp.dll	110336	b615679e45460500fd640d07d8821f30
winsrc.dll	311816	6dc59cd4a45f96cc27b2a9d710f7abc2
hggfged.dll	34304	60a1e02a5ec8707405bd07d0f244de83
pmnlk.dll	307296	371b61b663d7b1ca0c69d5e4f320d013
vtuts.dll	320608	d4453218a781af7ec2a0c7153d8e4109
ssqrp.dll	307808	0f90394deda6937ac102fecb79745a7b
sstts.dll	313440	fcb4bd697964018ecb3d025db568118f
iifdcdb.dll	35328	56f180294d5d47128936f9a34318a83b
drvkuk.dll	103936	32bea5969a6e057042aa40a849478ded

VirtuMonde Removal Details

VirtuMonde has typically the following processes in memory:

quicken.exe
rulesak.dll
rasrun.exe
unknown.exe
pmnno.dll
SbCIe02b.dll
ddcbabx.dll
awtqqnl.dll
vtuspmn.dll
opnnljj.dll
sstur.dll
khfcdba.dll
vtsts.dll
ssqqomk.dll
ces005dr.exe
urstr.dll
rqron.dll
vtuts.dll
mljhghe.dll
geeby.dll
mljjk.dll
hggdefc.dll
gebyxuu.dll
khffefd.dll
tuvutus.dll
opnnlmn.dll
byxvs.dll
mljgh.dll
iifcyab.dll
opnlm.dll
fccdbab.dll
pmnlmnk.dll
iiffgfd.dll
yayxuus.dll
mljgf.dll
opnkjjg.dll
winsrc.dll
kadpbbdr.dll
%SYSTEMROOT%\system32\bkcosq.dll
%SYSTEMROOT%\system32\zpsdjn.dll
%SYSTEMROOT%\system32\ahjvks.dll
%SYSTEMROOT%\system32\vtUkjKba.dll
%SYSTEMROOT%\system32\ucqrjj.dll
%SYSTEMROOT%\system32\ddcCtsqQ.dll
%SYSTEMROOT%\system32\xxywWpqR.dll
%SYSTEMROOT%\system32\edljqdbo.dll
%SYSTEMROOT%\system32\jhvwulaq.dll
%SYSTEMROOT%\System32\emgnzr.dll
%SYSTEMROOT%\System32\bcmlvh.dll
%SYSTEMROOT%\system32\pmnmnLEX.dll
%SYSTEMROOT%\system32\riuosl.dll
%SYSTEMROOT%\system32\axqnlt.dll
%SYSTEMROOT%\system32\scpxmz.dll
%SYSTEMROOT%\system32\erqfnx.dll
%SYSTEMROOT%\system32\rcggbwks.dll
%SYSTEMROOT%\system32\vqivmg.dll
%SYSTEMROOT%\system32\dedyfg.dll
%SYSTEMROOT%\system32\mlJAsTll.dll
%SYSTEMROOT%\system32\efcDVnNG.dll
%SYSTEMROOT%\system32\ddcCSMdc.dll
%SYSTEMROOT%\system32\qyyrxbhh.dll
%SYSTEMROOT%\system32\ngcsqxjk.dll
%SYSTEMROOT%\system32\rgkvne.dll
%SYSTEMROOT%\system32\zgwlue.dll
%SYSTEMROOT%\system32\vhsttu.dll
%SYSTEMROOT%\system32\tqwtqs.dll
%SYSTEMROOT%\system32\bqjdrh.dll
%SYSTEMROOT%\system32\pfqjbewx.dll
%SYSTEMROOT%\system32\vtUkhETm.dll
%SYSTEMROOT%\system32\zntdkn.dll
%SYSTEMROOT%\system32\rqRJDwvU.dll
%SYSTEMROOT%\system32\iifefeBt.dll
%SYSTEMROOT%\system32\tqabkkhc.dll
%SYSTEMROOT%\system32\ltyolghw.dll
%SYSTEMROOT%\system32\khfcBQjk.dll
%SYSTEMROOT%\system32\mojbopil.dll
%SYSTEMROOT%\system32\cycsls.dll
%SYSTEMROOT%\system32\efcARkHA.dll
%SYSTEMROOT%\system32\jkkhifec.dll
%SYSTEMROOT%\system32\syadnduq.dll
%SYSTEMROOT%\system32\adrfzi.dll
%SYSTEMROOT%\system32\uuayib.dll
%SYSTEMROOT%\system32\ojxpmd.dll
%SYSTEMROOT%\system32\ugptyq.dll
%SYSTEMROOT%\system32\kmsdglpm.dll
%SYSTEMROOT%\system32\pbiduh.dll
%SYSTEMROOT%\system32\awtqoMfc.dll
cmutils.dll
winhost.exe
lspak.dll
nwonknu.exe
svci.exe
jtr0079me.dll
ssttr.dll
iifddby.dll
kopCFEWV.exe
mllkk.dll
cbxxywx.dll
mljkkhf.dll
ddcyx.dll
rqrppon.dll
xxyxwxv.dll
nnx22011.exe
vtsss.dll
mllmm.dll
rqrssro.dll
Nero_Burning_Rom_Ultra_Edition_6.6.0.6_serial_number.txt[1].exe
jiinhuyb.dll
bndsrsqo.dll
pmnlj.dll
ssqnolm.dll
cbxussr.dll
ddcaaxu.dll
hgggdbx.dll
jkhfe.dll
byxxy.dll
ssqopqo.dll
ssqpq.dll
ssqpono.dll
ddcawvv.dll
vtutron.dll
opnnopq.dll
ddcabya.dll
ljjhgee.dll
pmnnn.dll
temlxopqgdk.dll
%SYSTEMROOT%\system32\mmwotqsl.dll
%SYSTEMROOT%\system32\vsdfgdqx.dll
%SYSTEMROOT%\system32\ehowpify.dll
%SYSTEMROOT%\system32\jpzzqm.dll
%SYSTEMROOT%\system32\prnwlk.dll
%SYSTEMROOT%\system32\jihacv.dll
%SYSTEMROOT%\system32\ufrxqr.dll
%SYSTEMROOT%\system32\jtrwal.dll
%SYSTEMROOT%\system32\iyfgdvyy.dll
%SYSTEMROOT%\system32\jajepkfx.dll
%SYSTEMROOT%\System32\xxydwc.dll
%SYSTEMROOT%\system32\ysdbsq.dll
%SYSTEMROOT%\system32\zatvky.dll
%SYSTEMROOT%\system32\eauuah.dll, mppzqf.dll, lmvvgenc.dll
%SYSTEMROOT%\system32\jsfoig.dll
%SYSTEMROOT%\system32\uituyc.dll
%SYSTEMROOT%\system32\gtkbbs.dll
%SYSTEMROOT%\system32\knkkeu.dll
%SYSTEMROOT%\system32\ferskkrw.dll
%SYSTEMROOT%\system32\mlJArpOh.dll
%SYSTEMROOT%\system32\jfewhfce.dll
%SYSTEMROOT%\system32\pifgzo.dll
%SYSTEMROOT%\system32\vbtqveed.dll
%SYSTEMROOT%\system32\emwggtak.dll
%SYSTEMROOT%\system32\mwktggcj.dll
%SYSTEMROOT%\system32\uxqpfk.dll
%SYSTEMROOT%\system32\jpjehkmn.dll
%SYSTEMROOT%\system32\tbrxbxbw.dll
%SYSTEMROOT%\system32\labkne.dll
%SYSTEMROOT%\system32\yayxyvwx.dll
%SYSTEMROOT%\system32\efcASmKd.dll
%SYSTEMROOT%\system32\vtUmNGwX.dll
dsnltn.dll
%SYSTEMROOT%\system32\pmnoMgEw.dll
%SYSTEMROOT%\system32\rqRIbArq.dll
%SYSTEMROOT%\system32\jwijhtyf.dll
%SYSTEMROOT%\system32\qoMfdaWQ.dll
%SYSTEMROOT%\system32\aecggnuj.dll
lemaba.dll
%SYSTEMROOT%\system32\efcBSMFY.dll
%SYSTEMROOT%\system32\beuijety.dll
%SYSTEMROOT%\system32\ssjaug.dll
%SYSTEMROOT%\system32\pcdkykes.dll
%SYSTEMROOT%\system32\mroobnpg.dll
%SYSTEMROOT%\system32\diriedfk.dll
%SYSTEMROOT%\system32\rkwoirys.dll
%SYSTEMROOT%\system32\xxyaxvUN.dll
%SYSTEMROOT%\system32\tqywtr.dll
%SYSTEMROOT%\system32\jitgrwvq.dll
vumer.dll
windowsupd2.exe
editpad.exe
cidrules.dll
psdrv.exe
hrj6051se.dll
geebc.dll
pmnlk.dll
castlecops[1].exe
sstrs.dll
nnnmmlk.dll
khfcdaw.dll
tuvwuss.dll
ljjgedc.dll
wvursqn.dll
pmnnm.dll
ddcca.dll
jkhhf.dll
byxurqq.dll
Windows_XP_SP2_Professional_Edition_Corporate_serial_number.txt[2].exe
sstqq.dll
awtqopm.dll
awtttqr.dll
ssqqn.dll
tuvvsrp.dll
efcdaab.dll
nnlmn.dll
awtqomn.dll
xxyvspp.dll
ddaya.dll
efcbbcc.dll
urqollm.dll
nnlif.dll
gebabcd.dll
mljiggd.dll
ddayy.dll
mljighf.dll
opnlifg.dll
wvwxv.dll
%SYSTEMROOT%\system32\mlJYpQjg.dll
%SYSTEMROOT%\system32\tzbgbt.dll
%SYSTEMROOT%\system32\oaisli.dll
%SYSTEMROOT%\system32\bindnvej.dll
%SYSTEMROOT%\system32\drczbq.dll
%SYSTEMROOT%\system32\mgjdax.dll
%SYSTEMROOT%\system32\efccddCU.dll
%SYSTEMROOT%\system32\skibqpxt.dll
%SYSTEMROOT%\system32\tfpdhn.dll
%SYSTEMROOT%\system32\ttyiplei.dll
%SYSTEMROOT%\system32\dsekqy.dll
%SYSTEMROOT%\system32\exqwxcji.dll
%SYSTEMROOT%\system32\vrzbdi.dll
%SYSTEMROOT%\system32\grzquz.dll
%SYSTEMROOT%\system32\tfvkod.dll
%SYSTEMROOT%\system32\vsiots.dll
%SYSTEMROOT%\system32\xmmjlipj.dll
%SYSTEMROOT%\system32\qkqtodyv.dll
%SYSTEMROOT%\system32\aglydi.dll
%SYSTEMROOT%\system32\sxvaedyd.dll
%SYSTEMROOT%\system32\nrlvkj.dll
%SYSTEMROOT%\system32\nosemdos.dll
%SYSTEMROOT%\system32\sdjomk.dll
%SYSTEMROOT%\system32\qkojjk.dll
%SYSTEMROOT%\system32\oxodam.dll
%SYSTEMROOT%\system32\ybhwxj.dll
%SYSTEMROOT%\system32\frcdmhox.dll
%SYSTEMROOT%\system32\wnhvnxjb.dll
%SYSTEMROOT%\system32\nnnlkkhg.dll
%SYSTEMROOT%\system32\awtsPJcA.dll
%SYSTEMROOT%\system32\fdswmgss.dll
%SYSTEMROOT%\system32\wowoxx.dll
%SYSTEMROOT%\system32\vtUmmNFw.dll
%SYSTEMROOT%\system32\dsnltn.dll
%SYSTEMROOT%\system32\mzqlig.dll
%SYSTEMROOT%\system32\cssifsik.dll
%SYSTEMROOT%\system32\zwpmbd.dll
%SYSTEMROOT%\system32\ssqrSMee.dll
%SYSTEMROOT%\System32\gcufkcko.dll
%SYSTEMROOT%\system32\lemaba.dll
%SYSTEMROOT%\system32\ubhkrk.dll
%SYSTEMROOT%\system32\xxywVlLC.dll
%SYSTEMROOT%\system32\hoxxogah.dll
%SYSTEMROOT%\system32\yvkydy.dll
%SYSTEMROOT%\system32\nedotfwb.dll
%SYSTEMROOT%\system32\vakqbbpn.dll
%SYSTEMROOT%\system32\mudapy.dll
%SYSTEMROOT%\system32\frljnq.dll
%SYSTEMROOT%\system32\trsjpbyp.dll
%SYSTEMROOT%\system32\iesvcmon.exe

VirtuMonde creates the following files in the system:

cbgzgdqt
gf1.0.0.2
2chkdsk
904598c7

VirtuMonde creates the following registry entries:

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce\*winlogon
HKEY_LOCAL_MACHINE\software\microsoft\windowsnt\currentversion\winlogon\notify\psdrv
HKEY_LOCAL_MACHINE\software\targetsoft
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnno
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssttr
83B28A74-640D-48F4-9F51-E80EED7CC7E0
D38439EC-4A7F-42b4-90C2-D810D7778FDD
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\iifddby
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcbabx
662BB3E3-204F-44FA-A827-143B8AB4B036
9CF8EE9B-0B2E-464A-9700-D7B46142BD99
F73AF695-229D-4549-B1A0-20DA99A81F19
5A4A2D56-931A-4733-9121-033A2D95A274
05029E1B-4C41-4681-8F7F-2AEC346136F4
E4EEFFED-93CD-4CF0-A0F3-50D139121FEE
095514BB-363E-451D-9BAE-A054E51BD0B0
27534EA2-AF0A-4405-9143-8837572099BC
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\57D6708C-88E2-4CAB-9FA4-78BB8CA3A3C4
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvwuss
44218730-94E0-4b24-BBF0-C3D8B2BCE2C3
1f9137dc-0b86-43e1-a596-8b2b49125124
5A04F1F7-C0A5-41A1-8C23-7A96894B9002
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\vtsss
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnlk
D6A00137-3F93-44D3-BBB8-A3BF01F57F0E
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\urstr
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\byxurqq
837B45D6-BF85-457D-AABF-6D2E7815F791
538DBDB9-C3BC-4ADA-AAA1-E6A6B3DB1E15
C4F4DBBD-4A4C-4B40-97DA-2FE06DBB2901
6980D6C1-F025-4067-B8B8-F12029EA0CD2
1B2E9329-C933-4A5D-908C-9A8251D1B7C6
DA0053C8-1501-48C6-BD86-167AA3DEC119
B1F4D9B0-7300-408A-B70A-677CC7276EF6
6730A59E-FBA3-4EEC-B564-5F05EF8EF39C
3385764C-85FC-45CC-B290-E97646306BB2
232D2677-68EE-4FA1-B988-279EBC8969ED
C408EC5B-CC5E-451D-B831-6DB83DA47244
01CD0B31-9154-45F2-9414-F5D64B74EAF6
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\gebyxuu
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\khffefd
A288996D-94BC-4C73-8CC7-A20F8A435A98
AEBF6926-DBA6-4100-A838-1CED0169AB78
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcaaxu
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\hgggdbx
F9491793-47BB-4F3C-9B1A-08A8E4F88D0D
A47BD9A5-EF81-4E2D-B5D8-A5AF7099683E
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\iifdcdd
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\qommlii
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ssqopqo
506602EA-3290-416C-84E7-B2B331D2DFA2
259B6215-70A2-4789-9978-64CD33632682
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ssqpono
CBFA0E8E-7489-4A16-8D6E-0D58BFFB6134
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\wvuspmn
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\rqolkll
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\gebabcd
415D402F-A6FC-4CA2-927B-2323BAAFB966
7F96901E-BEB4-4316-B165-5C4F2D6314CA
F7608A7B-DB2D-4CF1-8930-708A32896876
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\hggeeee
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\iifdaxu
24C61C09-62C0-42ED-B640-53F7FEC9098A
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcabya
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\awtrqon
7de1e3d1-c102-4dca-bd3d-43cbe8303ee5
E180F496-8A4B-44E2-9FE0-0364E345DB7F
571A01F0-FBF2-4411-A41B-BBB3CE6189E4
9543B1E1-5B66-4DFA-B579-0B392D0BB33C
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ljjhgee
9FEA8F43-D4ED-458C-B727-B667025676A0
F2A65CD2-0CDE-4E63-B8F3-16D90EF77603
59FEDA57-3BE1-450E-B368-F93067B94C86
5550F659-4DE0-497D-B8A2-3E1AFB973784
3A0909EF-95E0-47B3-B117-FA03D9FDDBD1
90696A05-6C9A-488F-957D-4D4A3D5F61C2
24E9519B-3F70-429B-99BC-4B2B49B96F66
f4ececf2-73d0-474e-06da-11f818303327
3CAB59B4-55A3-4737-9FD5-B93C6430BF75
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfDtUno
B1FFEAF8-F7C8-445D-98FE-9AD04897C6AE
956677BE-F493-4F74-ACD6-E5A0E62904A5
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\EEC73EA5-1367-49D1-93F4-CA1D8C22E9F9
CB5A3EDC-08DA-48D4-BD49-AC53308B64DC
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ddcYpmkK
9936EFFC-4A2C-4F1B-BB68-DEDC6916EE19
4846D90B-B1ED-402A-A718-91E88C6E2839
a7ef6dba-8a53-4f52-bd9a-01a6a4e083c0
499E5F81-EBE0-4D08-818D-3E88B0A13542
cdfbb87c-0d5f-48b3-bf4a-2f5c3db9b0de
804B913C-F0BD-4FC0-8D86-2A8DE2F682B2
32D0CCCB-4D89-4510-BAF7-028BC11E60DB
0c294220-1a9d-476a-a918-53f2da2571e4
84178bfa-b729-48a8-af52-836f668dc7e8
SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\dtseqrxk
BB7EA5A7-A6AE-4575-96A3-098A577D4765
4EF267EE-D1A4-4C92-85A9-B51B58A53BE4
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\60EDCEE2-B6AF-4F2E-BB15-14F101364B47
0b27b1d3-b168-4d26-a135-9f44ae91793f
f6473971-cbf4-49ab-96a1-74b92d63f718
45e6b878-e844-4765-81dc-7bc1bc01b2b0
71fd4dba-7b71-4919-b15a-2ca0f68cd384
ec8020d0-89dc-4531-9200-c9cefe301e90
9E91EF7B-6846-45C3-A8AB-67CF7C900783
A51F62AE-D855-44B8-BB71-352C69FBF257
7252d783-5e03-4621-b9dc-29c2e6da8086
29681927-b22c-4eea-b7c0-4a34fb62529e
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\5FCD13AC-B899-4EF7-BD3E-C959EFBFB753
2AABD0C3-1B64-4DE0-AE17-BBBE806197F2
e2dd9458-f71a-42cf-8706-a694f147e8a8
f9f2d698-4bb7-4b32-9059-e9b7bb328337
55900762-469d-421f-9268-162d00bc2ab3
03b9c36c-139b-40df-a510-c3224aedf48f
3f30d137-f50e-4b40-927e-b40ec125a068
62D1390B-75E8-445C-A99D-3340E08FD4C5
11EDF9E4-A3CE-44B8-8DBB-64948F77B808
14315df3-d035-49e2-949b-ae8c2a23c739
519AD75B-6F4F-4E48-B7C9-3793CE64B509
B0B3393C-62D1-44D8-ABF5-08E0F067F29E
3c7e20d1-e787-4e3b-8dac-a7687d1899ff
01178AD0-E0BA-4624-A2A7-2FF828A80844
7DDB071D-FE54-4B5C-B577-380F3DDFF000
a2a4374d-86be-4a53-96aa-de8d5c353558
f29ac8c0-9bf7-49f6-89a6-56f4a920a9ac
a42c261d-6894-412d-a472-326f7d6208d9
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\E7683750-B89A-402F-8F22-EBF3DA3F70C2
5248db72-612a-4475-b7c8-275de6aec6cb
fb55919c-72fa-4b2c-8e11-c563d0268004
111479C2-D213-4ACA-899F-DDC6FE2A637B
084677b7-fc41-4e07-9c41-08d2d3697b0c
178d586e-b3d6-4548-b34c-7c1ffbfcdca7
965f4cc8-42a4-45e5-b0ed-8677fb675aa4
d8d0722e-445a-444e-a614-6dafb600d78b
0B014B81-4E12-46F9-806F-55867AF8FD3C
b2c92af1-09fe-4ef9-a6c3-5be47f3e7ec4
13589181-4f0d-4553-b9f8-b4b72172c139
HKEY_LOCAL_MACHINE\software\microsoft\windowsnt\currentversion\winlogon\notify\catw
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\*catw
1B34D3EC-4AC7-41EC-ACC8-C9A2C0CBA2E5
22B271AB-3D0A-4CCB-8AD9-DD08183C356A
Software\Microsoft\Internet Explorer\Explorer Bars\83B28A74-640D-48F4-9F51-E80EED7CC7E0
Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnlk
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\6148028B-D532-4417-8C0B-5A4A0B745393
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\A05DA7E0-383C-4E99-A72A-742050A152A2
C78658B2-CDE5-4FD1-B73B-B9FF478DBE54
SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ssttr
F00EFDF5-0042-4F5E-9F20-C688409CF918
3F82D203-999F-4FF4-9F07-5F9EBFCCE20F
01ABD624-98FE-4B37-81F2-4E5B41799B6B
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\nnnmmlk
82412A22-FFED-4A67-B37D-4127EBA1BB02
41D495B7-9E31-4637-A0AC-5BB4C4F4E8C9
57D6708C-88E2-4CAB-9FA4-78BB8CA3A3C4
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\mljkkhf
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvursqn
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\pmnnm
F9C57A10-3FFE-4E94-924E-264713738291
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcca
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\gebbawt
F40114E6-51D4-4EE4-9F38-2E979AF84593
C3352FCD-CFE5-4F35-831A-19C68DDB7CF4
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\rqron
B7672BAF-E9A3-49B6-86B2-C81719A18A4C
89AD4D75-2429-462e-BD4E-443F233F6033
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\fccbccd
53ABEA8C-703F-4CC0-9EFB-97257CCB5E41
CBD708EF-2ADC-47F4-BC1C-50E1A7AA4265
A3DA48A6-8C7B-43CB-B31B-F28005EF8DFD
90375CC7-C153-4D5C-B81D-C4011A3C16D3
582C46EE-9E66-4DE0-92A5-34B971099C0C
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtttqr
A93EE73A-8FEB-47CD-BDF1-E75A0B6BEF8C
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\hggdefc
AB30E818-2B0F-4336-BB29-35D245598EDB
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ssqnolm
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\cbxussr
2ABAAC42-84DF-4C00-89DA-BC7EB2B0E70B
F95B14B7-B316-49DA-972C-1225025AFB7A
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\awtrsss
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvutus
88741C23-A892-4B7E-8F89-4A69CB12DA67
326F7029-5B4F-4D02-8D77-F16322C282C1
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\awtqomn
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\byxxyay
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnlmjh
6A30EED0-7D3E-40AC-946D-CF769A3ACDF5
6A061FA1-352D-4902-94FB-46BD37FD7FAF
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\iifcyab
9DEC9A9D-E4F1-4081-A06E-76601F998EB4
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\fccdbab
1A4318F1-865F-43A0-88A6-22666DDB6F47
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\vtutron
CA28FAC6-6381-4F89-9090-F399BBAFC26C
98663E21-9CCE-4CF6-863C-911A9523A66F
D604A3C9-1BDF-48AA-8CB3-80C2752FB6C5
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\yayxuus
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\iiffgfd
7D7F29A5-8D07-44FE-89B6-A8F4DFFD03FB
DB7BB42E-456D-4203-ADCF-C0B999112DA0
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\iiigefg
FA6E43E6-F825-4317-BBCC-EC8462D1F3A5
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcawvu
FFF29BE4-24AC-4E31-B99B-45238B764111
5A7CFD83-8907-460B-88C5-8CBAD95F1CF1
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcbaxw
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnlifg
A98D0065-7326-41B5-B8D9-C5B692CDB82F
4C16CAB4-7053-2AD8-5166-2C00BAB3D8BE
B5FAC233-228C-4106-BB63-3031B84E2AB9
826A5ED9-1316-4EFD-87F8-AA400C5D551A
3BE9150C-E2ED-4294-8F70-4CCA872A7BB3
7FDF7614-0DF6-4A84-9041-2D873AB5C2C5
ea3f2b22-4a94-4b29-8101-881882e0d8b9
3DB7BCD6-5AB2-4224-9D5C-91596FDA31B9
0f70b574-9236-469c-bb21-9654dac1f67d
9B5D62CC-A31F-41E6-AB67-9D51D48B5C07
82B8E0B5-45F5-4779-966A-C474164F8F7F
EEC73EA5-1367-49D1-93F4-CA1D8C22E9F9
684BFE7F-F5B2-4AB3-A95E-EB5036A2D286
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\684BFE7F-F5B2-4AB3-A95E-EB5036A2D286
D0DC2547-DF58-4CF2-8FA2-25DEE29426F6
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\D0DC2547-DF58-4CF2-8FA2-25DEE29426F6
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtrrsPH
77e00874-1b7e-41c6-ba97-43e2463efada
fc796ded-5fa6-4a4b-8473-3636b0fe9d1b
32E451A3-6C66-412C-8F6E-65778F016BC6
F24F5951-B29D-49B0-9BB3-BE6818CA6940
71e40ee5-71ae-4e0d-8324-949376d44774
04e6699f-53a0-4c02-aefd-7bfff3835ea2
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\135B4804-7728-4137-B6D8-5CC590110C9D
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvUmjhIY
5850d2e6-6e49-4d0a-bb2e-a49e8fa2eee6
0955079E-3A5E-4FF7-A7C9-2A65CAAE1EF2
7B0FCA45-023B-452A-B893-D007523A9ED8
4c23403e-346b-40b4-8fe8-b80516c8ada9
1764AF3F-400C-415E-9A92-67A7D55C2C71
90b7bdb9-8798-4b86-a3c7-c3ba8069b2eb
4caf47ba-df5a-4ebf-b5f5-9965d8060939
8a2fa032-bb09-4ef3-9ec0-bafb1412cb8e
AD72687B-CF83-4463-8E95-2CB3198CA5F6
FFA0E487-277F-4C2D-A509-EE12E51D03EC
866d26cd-56b2-4a3f-84ba-825ea199099b
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\AD72687B-CF83-4463-8E95-2CB3198CA5F6
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvUnNgGx
87bbb91d-3535-44ff-b209-91b49ca8e1fa
7a03a593-de50-4edb-b682-a5d5e9d3d967
5d89cb9c-f2a1-43a5-a6fd-bdbf3688747b
75ABCF92-9764-4DFA-A83F-5142C3905052
92f69757-bae4-4c71-9dae-3298ed7c11aa
237873d9-d1b9-42b6-987b-f086140b383e
49a5d05d-e4a9-4670-8c4d-4099031c1453
CB5DC5A5-F162-4B48-BBF6-3DDC62836285
C31C05B4-0A01-4DC2-8E5E-0315459F508E
7be88cbc-6d7b-4a98-857e-6c65523b813f
0524B01A-F7AF-4665-8BE1-BE460478A4FF
a6cefe49-8b87-471d-a1ce-495714b78b80
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\nnnmKDtU
5102b002-845b-4545-8c80-fdf9cf4a910b
1326b103-1a17-4dcd-a1e9-d7444462b3f5
03ce200e-8abf-4048-a20e-fdec08f7c2b1
bef5aa5e-1743-4644-bc53-d9051958a72b
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcCrRIy
AF209DB6-29BB-4F8B-84E8-2056EA999610
e8b78529-d710-4e8b-957e-897ecfda658d
87C4EC40-45E0-4795-8468-ED8F87056A59
ec201117-1dbc-441f-9b43-539c0d451d2e
472c09de-3502-414d-b39b-0afd6efa4bca
38637efe-db1a-483c-a98c-b94df9c8c130
88e08cea-356c-47ac-9c50-d5c82f50da13
Microsoft\Windows\CurrentVersion\Ext\Stats\0B014B81-4E12-46F9-806F-55867AF8FD3C
5AF36D53-E172-430C-931E-4A4C73998713
HKEY_CLASSES_ROOT\atlevents.atlevents
HKEY_CURRENT_USER\software\microsoft\windowsupd
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\windowsupd
D01C9902-73AF-47FF-B784-05FDB6604FCF
68616403-4FFB-4B19-B360-0B0B1F55D5EC
D714A94F-123A-45CC-8F03-040BCAF82AD6
2FCAB754-0535-470E-8F80-BACB6CA1ACC1
6148028B-D532-4417-8C0B-5A4A0B745393
A05DA7E0-383C-4E99-A72A-742050A152A2
B763C083-57E0-4993-B058-13008952DF68
SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\pmnno
B2030C9A-DE59-457D-A042-D827AD69C8F3
22E58089-6DB5-45D9-BF87-6C8975246D26
1FB63E52-4D6E-48C1-A08F-F630FE50F337
59B5C788-4D95-4610-B1ED-AD9DC7CD86E0
8410970E-714C-4F14-AA6B-B3B2F3246827
34FB86FC-74AC-4AC4-BACE-D9E929C6F9E3
28DD5FA9-7526-4463-A548-BD2877B2710A
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\khfcdaw
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\sstur
855879EC-968C-4480-976B-870669F5F95A
719C7140-463A-45CB-BA90-828B11FCF5A4
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\keycpl
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvvtut
35B868E9-614B-47BA-81F7-841B8B055247
FA2C0BCD-918D-46C7-BD03-F96CAB3E164F
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\jkhhf
53D52C90-6F7B-49D9-8102-7E5CF7F5C14F
45B20293-5C68-4271-B4FD-F43A4075A2E3
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\awtqopm
4E35C785-B803-471E-AF03-74BDE42EA65A
2AD3123A-16FF-404E-92E5-47128E40D281
9DC8B477-C55C-4373-953D-8913334A8D8B
2D04C025-C1A3-4DC1-81D8-A10EFEAFA699
429E0606-5905-4CCD-998A-9D2C29DE6F33
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\837B45D6-BF85-457D-AABF-6D2E7815F791
90624170-D668-409E-A2F5-C0710044760F
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\geebc
634BBAB7-3F60-4426-944F-A62B9007F67F
200D0AAD-71B1-51C9-DDB0-092BA4662A54
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\tuvvsrp
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\efcdaab
46523B68-2656-4D4D-B415-20907B8E649A
9D88DD0F-5C78-417D-9E48-DDE4BCC53E9F
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\pmkjj
6551122A-4DEB-4949-8ABF-72972775F028
3FABB570-CFE9-43FB-82F4-F065466077B4
817A8844-1AF6-4093-B74A-DD91676A179E
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\xxyvspp
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\cbxvusr
DB1F1927-3FFC-4313-82AD-6A75758E5D32
81182B58-0DB8-4671-A345-BD9B20E6FC72
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\urqollm
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\efcbbcc
47A21439-A069-4BC1-BB70-54C9ED60691F
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\ddcawvv
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\pmnlmnk
5AAF23D8-4489-43D8-A064-319D1254ABCA
49D63E18-33B1-46F2-82C2-39431FB94794
C3A84C81-8E37-4EAA-8E6C-C4FF35A67F96
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnnopq
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\mljiggd
20EC205F-3300-4013-A537-69DDC176CF42
64C8EADA-5CDB-4A79-9213-F3F68E851D56
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\wvuuutt
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\mljighf
BCB279E3-2BB4-4A4B-90C5-3CEBACC6B15C
D81BE140-D159-4732-BCE8-185C9210E38E
037C7B8A-151A-49E6-BAED-CC05FCB50328
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\cbxyvwu
MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON\NOTIFY\opnkjjg
B0BCDD0D-1EC9-4EA4-A013-5642B9598271
63AB48C9-01A8-495C-8194-A715DB8A37A2
B82F29E4-8368-4B14-9C00-5138C0D94034
12C71A70-09ED-4515-A39C-99E973B8E9F7
AA8DFF57-1E4B-4A01-9681-AB25E1CF6532
2FEAE5F7-1F4D-A231-30D1-04759E1C1FCB
965585E8-9537-45FE-952F-DDE5BE10AE52
6bffbb42-ac73-4d2f-8109-562f11353e93
963db810-b29b-4595-aea0-649db6103abc
9F24CE12-437E-4413-BA41-0BF61D67EC80
a1e653d7-374b-4f3c-aa1d-fd259c751c11
9D9294A6-8FB0-4206-AD93-5E9A9EF0B517
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtsRjhg
8B522498-4803-4A8D-A297-46AE273C44A6
59148BE8-B764-447A-9302-4AEB7187D3CB
03F408E7-0903-46E1-9284-EC56550C3597
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\nnnoPGXp
60ABF6AC-BAE2-4400-8936-0593C3C9A8A8
71A4297F-F337-45B4-9B5C-4D6EE32AC45B
D7336D32-62F7-43B5-8B8C-3963C72CA498
135B4804-7728-4137-B6D8-5CC590110C9D
EB338DB6-EC2C-456B-B5AD-ED97FB489684
4CAFAF0C-C38F-43C1-8080-390E776254DE
f06718dd-b23e-4c0f-bcd8-24bcdc5e2df4
E2F6A304-81C0-4A91-A2A2-DBB4505FAEDC
b72df2c1-1205-4f44-b188-8dda6f84e30b
60EDCEE2-B6AF-4F2E-BB15-14F101364B47
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\xxyywTMD
90a0468b-3120-48fc-8aa1-378d2a4228db
0a7a4957-9298-4605-9872-24da8a514db6
e43f6db8-d6dd-40b0-bfce-80a032475332
11ece6bb-8155-4e05-bacf-a452151107af
242fe30b-f264-49b8-9ac1-3095389fba03
35843B6D-FA05-42C7-BBF3-6343F011D444
A1C50067-D883-45F4-B991-D5FAAAA4CAB1
f55bcd71-47e0-4c7b-81ae-53e197293088
5FCD13AC-B899-4EF7-BD3E-C959EFBFB753
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fccbBRKD
e43f1b7c-71ac-4ecb-a398-36faf7513768
9b2bb67d-12d6-49b8-a186-2eec081a548e
4d58f285-10b4-48d5-a378-63102081359e
4b58dd09-080f-4417-8dc4-2d19bbe49fc7
93350c7e-163b-4a3b-96e5-154b58d33d6a
299B5FAC-2168-4A5D-A67D-AA4C8F8055DA
037E77C2-A153-4A29-8D9A-16A031629FFd
AFFCBA64-651F-43DD-97BC-684C179618A5
4cab59b4-55a3-4737-9fd5-b93c6430bf76
ca00c181-714f-4d26-acb0-b0f33c6439e5
A63E645F-13BD-45ED-B15F-6E8C1BD57279
505964f0-9ad9-41a7-9ffb-49c060d720ce
SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\AFFCBA64-651F-43DD-97BC-684C179618A5
E7683750-B89A-402F-8F22-EBF3DA3F70C2
f92a2961-c48e-48f9-94c4-9b16f66b2e05
b299062f-1444-40af-b413-1b0b0d774129
2c09d555-e7ea-44d7-aa02-77fa0c8c5637
Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\037C7B8A-151A-49E6-BAED-CC05FCB50328
b759fdbe-71e0-48b3-8d24-698371c66e6c
d76ea4c0-5b1b-4ceb-b265-140e51c6b012
17E9C4F4-43D5-41FF-9BE8-8847AFC260C4
ed43d6be-defb-4730-97c0-da140791547d
Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtusqQk
9d0e88ac-5012-43a4-8f3d-cfc5d9ad685d
3f6cf36c-f0e1-45e8-83f3-6b47bd627cdd
2502BBD0-D73B-11DD-B4EC-CEBF56D89593
A14F7F83-6C53-46E9-943B-67CDB7BC64F7

Important Article Disclaimer

This entry was last updated on 05/13/09 and posted on 02/14/07. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Note: Abusive comments are not allowed. Please do not post comments regarding technical support issues. ESG customers that have issues with SpyHunter should open a customer support ticket.