![nvsvc rundll32 exe nvsvc rundll32 exe](https://www.geniustechie.com/wp-content/uploads/2019/10/Rundll32-exe-3-265x198.png)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe R3 - URLSearchHook: SearchHelper Class - C:\Windows\system32\browseui.dll R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
![nvsvc rundll32 exe nvsvc rundll32 exe](https://www.malware-traffic-analysis.net/2014/03/01/2014-03-01-Neutrino-EK-step-07.jpg)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exeĬ:\Program Files\Windows Defender\MSASCui.exeĬ:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exeĬ:\Program Files\Toshiba\Power Saver\TPwrMain.exeĬ:\Program Files\Toshiba\SmoothView\SmoothView.exeĬ:\Program Files\Toshiba\FlashCards\TCrdMain.exeĬ:\Program Files\Toshiba\ConfigFree\NDSTray.exeĬ:\Program Files\Toshiba\HDMICtrlMan\HDMICtrlMan.exeĬ:\Program Files\Toshiba\TRCMan\TRCMan.exeĬ:\Program Files\Alwil Software\Avast4\ashDisp.exeĬ:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exeĬ:\Program Files\Windows Media Player\wmpnscfg.exeĬ:\Program Files\Windows Sidebar\sidebar.exeĬ:\Program Files\TomTom HOME 2\TomTomHOMERunner.exeĬ:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exeĬ:\Program Files\Toshiba\HDMICtrlMan\HCMSoundChanger.exeĬ:\Program Files\Internet Explorer\iexplore.exeĬ:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exeĬ:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe