It would be extremely helpful in removing malware if TeaTimer would simply show the name of the executable or dll (started with rundll) that tried to change the registry.