GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2015-05-26 20:19:23 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB Running: jhnmqgsg.exe; Driver: C:\Users\Zbyszek\AppData\Local\Temp\axddipog.sys ---- Threads - GMER 2.1 ---- Thread C:\WINDOWS\system32\csrss.exe [3256:5772] fffff96000350558 Thread C:\WINDOWS\system32\csrss.exe [3572:272] fffff96000350558 Thread C:\WINDOWS\system32\csrss.exe [4232:5700] fffff960008132d0 ---- Services - GMER 2.1 ---- Service System32\drivers\dtsoftbus01.sys (*** hidden *** ) [SYSTEM] dtsoftbus01 <-- ROOTKIT !!! ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations \??\C:\Users\Jaros?aw\AppData\Roaming\Babylon\log_file.txt??\??\C:\Users\Jaros?aw\AppData\Roaming\VOPackage\VOPackage.exe??\??\C:\Program Files (x86)\Google\Chrome??\??\C:\Program Files (x86)\Google\Update\1.3.26.9??\??\C:\Users\Zbyszek\AppData\Local\Temp\~nsu.tmp\Au_.exe??\??\C:\Users\Zbyszek\AppData\Local\Temp\~nsu.tmp??\??\C:\Users\Zbyszek\AppData\Local\Temp\_iu14D2N.tmp?? Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 1814323947 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Type 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Start 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@ErrorControl 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Tag 91 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@ImagePath \SystemRoot\System32\drivers\dtsoftbus01.sys Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@DisplayName @oem42.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Group SCSI Miniport Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@Owners oem42.inf? Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@mask 0x74 0x78 0x38 0x2B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@AdapterStatus 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01@client 0xD2 0x71 0x99 0xB9 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit0 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit0@data 0xEE 0x6E 0xD1 0x33 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit1 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit1@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit10 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit10@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit100 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit100@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit101 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit101@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit102 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit102@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit103 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit103@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit104 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit104@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit105 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit105@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit106 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit106@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit107 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit107@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit108 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit108@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit109 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit109@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit11 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit11@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit110 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit110@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit111 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit111@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit112 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit112@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit113 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit113@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit114 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit114@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit115 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit115@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit116 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit116@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit117 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit117@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit118 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit118@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit119 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit119@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit12 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit12@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit120 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit120@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit121 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit121@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit122 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit122@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit123 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit123@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit124 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit124@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit125 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit125@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit126 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit126@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit13 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit13@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit14 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit14@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit15 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit15@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit16 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit16@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit17 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit17@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit18 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit18@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit19 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit19@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit2 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit2@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit20 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit20@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit21 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit21@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit22 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit22@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit23 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit23@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit24 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit24@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit25 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit25@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit26 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit26@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit27 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit27@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit28 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit28@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit29 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit29@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit3 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit3@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit30 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit30@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit31 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit31@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit32 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit32@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit33 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit33@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit34 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit34@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit35 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit35@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit36 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit36@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit37 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit37@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit38 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit38@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit39 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit39@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit4 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit4@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit40 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit40@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit41 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit41@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit42 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit42@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit43 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit43@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit44 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit44@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit45 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit45@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit46 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit46@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit47 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit47@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit48 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit48@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit49 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit49@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit5 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit5@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit50 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit50@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit51 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit51@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit52 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit52@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit53 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit53@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit54 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit54@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit55 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit55@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit56 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit56@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit57 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit57@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit58 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit58@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit59 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit59@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit6 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit6@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit60 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit60@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit61 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit61@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit62 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit62@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit63 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit63@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit64 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit64@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit65 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit65@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit66 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit66@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit67 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit67@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit68 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit68@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit69 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit69@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit7 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit7@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit70 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit70@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit71 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit71@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit72 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit72@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit73 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit73@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit74 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit74@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit75 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit75@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit76 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit76@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit77 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit77@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit78 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit78@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit79 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit79@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit8 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit8@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit80 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit80@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit81 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit81@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit82 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit82@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit83 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit83@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit84 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit84@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit85 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit85@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit86 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit86@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit87 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit87@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit88 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit88@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit89 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit89@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit9 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit9@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit90 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit90@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit91 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit91@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit92 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit92@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit93 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit93@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit94 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit94@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit95 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit95@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit96 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit96@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit97 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit97@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit98 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit98@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit99 Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01\unit99@data 0x3D 0x3E 0xE9 0xB0 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\dtsoftbus01 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C34CD7A8-7CB5-4C16-B2C1-AAD00EE40FEB}@LeaseObtainedTime 1432659161 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C34CD7A8-7CB5-4C16-B2C1-AAD00EE40FEB}@T1 1432662761 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C34CD7A8-7CB5-4C16-B2C1-AAD00EE40FEB}@T2 1432665461 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C34CD7A8-7CB5-4C16-B2C1-AAD00EE40FEB}@LeaseTerminatesTime 1432666361 Reg HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller@Start 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\TrustedInstaller Reg HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient@SpecialPollTimeRemaining time.windows.com,7cb5aed??????????? Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw 0x64 0x62 0x03 0x00 ... Reg HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask 0x64 0x62 0x03 0x00 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer@GlobalAssocChangedCounter 223 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{e3e1639c-664f-11e2-be68-50e5493c9ff3} Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{e3e1639c-664f-11e2-be68-50e5493c9ff3}@Drive Type 1048593 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\Drives\Volume{e3e1639c-664f-11e2-be68-50e5493c9ff3}@IsImapiDataBurnSupported 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CD Burning\StagingInfo\Volume{e3e1639c-664f-11e2-be68-50e5493c9ff3}@Active 1 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\iexplore@Count 5 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\Grid@Logo100 %USERPROFILE%\AppData\Local\Microsoft\Windows\Explorer\TileCacheLogo--211422281_100.dat Reg HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\Grid@StartView80 %USERPROFILE%\AppData\Local\Microsoft\Windows\Explorer\TileCacheStartView--1542857953_80.dat Reg HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\Grid@Tickle80 %USERPROFILE%\AppData\Local\Microsoft\Windows\Explorer\TileCacheTickle--211422937_80.dat Reg HKCU\Software\Microsoft\Windows\CurrentVersion\UFH\SHC@7 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk?C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe?? Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportArchive\NonCritical_80070490_bcf099341f64f378ff284419bac499a171b18331_00000000_013ce489 Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug\UIHandles@CheckingForSolutionDialog 0x36 0x02 0x02 0x00 ... ---- EOF - GMER 2.1 ----